- From: Johnathan Nightingale <johnath@mozilla.com>
- Date: Fri, 7 Mar 2008 09:11:31 -0500
- To: "Mary Ellen Zurko" <Mary_Ellen_Zurko@notesdev.ibm.com>
- Cc: public-wsc-wg@w3.org
- Message-Id: <0672F012-47C4-4677-84B5-5EA214C97E19@mozilla.com>
On 7-Mar-08, at 8:58 AM, Mary Ellen Zurko wrote: > We had an excellent discussion of section 6.1 at our last call, but > didn't quite make it to polling and consensus. Here's the roundup of > issues as I remember them and some proposals. The minutes are at: > http://www.w3.org/2008/03/05-wsc-minutes.html#item06 I'm sorry I missed it, and will read the minutes with some interest. In the meantime, though, just a quick reaction to one bit: > Issue 6) need to allow for o= not being present > MUST include the Subject field's Organization attribute It wasn't clear to me if this was intended to apply only to AA certs, or to "regular" certs as well, but purely as an FYI, EV certs are required to have an O field. Arguably the change makes sense anyhow, since there may come to pass some other brand of AA cert with different requirements, but it would surprise me a great deal to find a cert that had had extensive identity verification and failed to use the O field. Obviously, if this text is meant to apply to DV as well, then it makes more sense, since those certs may well (and in real world cases sometimes do) have no O field, but I'm not sure we'd be recommending showing the O field for DV certs anyhow. Cheers, Johnathan --- Johnathan Nightingale Human Shield johnath@mozilla.com
Received on Friday, 7 March 2008 14:11:48 UTC