[cabf_validation] Revision to OU requirements

Ryan Sleevi sleevi at google.com
Mon Aug 31 07:33:07 MST 2020


On Mon, Aug 31, 2020 at 8:30 AM Richard Smith <rich at sectigo.com> wrote:

> Ryan,
>
> We’re not completely against the idea of removing OU altogether, however
> there are a couple of use cases that I think are both legit and
> verifiable/auditable, though there may be better ways than keeping OU alive
> to accommodate them.  I’m still looking into the particulars and will post
> more detail shortly.
>

Can you share which ones are relevant to the use of TLS in browsers? I'm
not aware of any browsers that use this field, and thus can think of plenty
of harm that would be caused by continuing the (mis)use of this field.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/validation/attachments/20200831/98afcb85/attachment.html>


More information about the Validation mailing list