[Smcwg-public] Enterprise RAs methods for validation of mailbox authorization or control
Christophe Bonjean
christophe.bonjean at globalsign.com
Tue Jan 24 09:49:02 UTC 2023
Hi all,
Section 1.3.2.1 Enterprise registration authorities restricts the mailbox
control validation methods:
* Organization-validated or sponsor-validated: Section 3.2.2.1 (domain
based) or Section 3.2.2.3 (operator of server).
* Mailbox-validated: Section 3.2.2.2 (email challenge).
The restriction of profile and validation method seems to prohibit:
* Enterprise RAs to issue mailbox-validated certificates based on
domain validation (3.2.2.1) or as operator of server (3.2.2.3).
* Enterprise RAs to issue sponsor-validated certificates based on
email challenges (3.2.2.2) - probably less common.
Is this an intentional restriction? Should we re-visit this topic?
Christophe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20230124/2ced1a16/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 8436 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20230124/2ced1a16/attachment-0001.p7s>
More information about the Smcwg-public
mailing list