- From: Michael(tm) Smith <mikes@opera.com>
- Date: Wed, 22 Nov 2006 09:06:46 +0900
- To: public-wsc-wg@w3.org
"Close, Tyler J." <tyler.close@hp.com>, 2006-11-20 21:52 -0600: > For ACTION-13: Elaborate on multiple certificates & domains for session > servers case > > A user has a relationship with a legal entity like a person, or a > company, not with a domain name. [...] Just as a point of clarification: I don't know if a person is normally considered a "legal entity" in the way the word is used in law. In the way I usually see it used a least, "legal entity" most often refers to an organization that's recognized by a government as having some legal existence as an individual entity; basically, a corporation (or equivalent of a corporation in whatever jurisdiction that organization is recognized in). In that sense, there are some classes of businesses that are not government-recognized legal entities: sole proprietorships, partnerships, and other kinds of unincorporated organizations. They aren't really true companies in the sense that they can be separated from the people running them -- they're simply a person or persons "doing business as" as a certain name. It may be an important distinction to make in security discussions, because with regard to fraud protection, if there is a need to identify/verify the association between organization and the business name and domain name that it uses, the existence of the business as a corporation (or similarly government-recognized legal entity in a particular jurisdiction) provides a clear way to do that (which existence as a sole proprietor or partnership does not). --Mike
Received on Tuesday, 21 November 2006 15:06:04 UTC