[Smcwg-public] Methods for email verification

[Dimitris Zacharopoulos (HARICA)]

On 18/2/2021 6:25 μ.μ., Wendy Brown - QT3LB-C via Smcwg-public wrote:
> also could a single validation of the email address be used for 
> issuance of both the signature & encryption certs in the case of the 
> dual certs vs single cert case?

That makes perfect sense to me.

Validations in general should be allowed to be reused as it is allowed 
in other Certificate types.


Dimitris.

> Wendy
>
> Wendy Brown
> Supporting GSA FPKI
> Protiviti Government Services
>
>  703-965-2990 (cell)
>
> wendy.brown at gsa.gov <mailto:wendy.brown at gsa.gov>
> wendy.brown at protiviti.com <mailto:wendy.brown at protiviti.com>
>
>
>
> On Thu, Feb 18, 2021 at 10:54 AM Doug Beattie via Smcwg-public 
> <smcwg-public at cabforum.org <mailto:smcwg-public at cabforum.org>> wrote:
>
>     Hi Stephen,
>
>     I’m not sure I agree with this statement in section 3.2.2.2.2
>     Validating control over email address via email
>
>       * Completed validations of Applicant control over the email
>         address must be performed _for each Certificate issuance_.
>
>     I’d like to permit re-use of that validation over and over for the
>     re-use period for that subscriber if possible.  Is there a reason
>     we preclude that?  For example, an email gateway provider might
>     validate this email address and then want to replace certificates
>     more frequently than 397 days, but this would require emails to
>     the email box to act on that.
>
>     Doug
>
>     *From:* Smcwg-public <smcwg-public-bounces at cabforum.org
>     <mailto:smcwg-public-bounces at cabforum.org>> *On Behalf Of *Stephen
>     Davidson via Smcwg-public
>     *Sent:* Wednesday, February 17, 2021 6:02 PM
>     *To:* SMIME Certificate Working Group <smcwg-public at cabforum.org
>     <mailto:smcwg-public at cabforum.org>>
>     *Subject:* [Smcwg-public] Methods for email verification
>
>     Hello all:
>
>     Following our discussion on the call today, I attach draft text
>     for section 3.2.2.2 of the SMIME BR (SBR) that deals with 1)
>     Validating authority over email address via domain and 2)
>     Validating control over email address via email.
>
>     It aims to fulfill the requirements of the Mozilla policy.  It
>     includes comments with some questions that require further
>     discussion.  Additional methods can be addressed in future
>     versions of the SBR.
>
>     Many thanks for Doug and Sebastian at GlobalSign for their help in
>     drafting this.  We’ll discuss this in a future meeting, but feel
>     free to also provide feedback here.
>
>     Many thanks, Stephen
>
>     _______________________________________________
>     Smcwg-public mailing list
>     Smcwg-public at cabforum.org <mailto:Smcwg-public at cabforum.org>
>     https://lists.cabforum.org/mailman/listinfo/smcwg-public
>     <https://lists.cabforum.org/mailman/listinfo/smcwg-public>
>
>
> _______________________________________________
> Smcwg-public mailing list
> Smcwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/smcwg-public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20210221/0baafb19/attachment.html>