On Fri, Feb 12, 2016 at 02:00:26AM -0800, [email protected] wrote:
> Regarding this point, how will be addressed the issue about
> AdministrativeID (directoryName) in SAN of electronic offices?
>
> As it has been said, all Spanishs CAs are issuing certs in this way in
> order to comply with all applicable law related to eGovernment and
> identification of eOffices. As stating at section 8 of BRs they are
> oblied to do so.
I assume that by "section 8 of BRs", you are referring to the point which
states, "The CA SHALL at all times issue certificates and operate its PKI in
accordance with all law applicable to its business and the Certificates it
issues in every jurisdiction it which it operates"?
If so, have you complied with the next paragraph of section 8 of the BRs,
which states "The parties involved SHALL notify the CA/Browser Forum of the
facts, circumstances, and law(s) involved, so that the CA/Browser Forum may
revise the requirements accordingly."?
If you haven't, then you're acting in bad faith by attempting to selectively
apply the provisions of the BRs, rather than taking them as a whole in the
spirit which they were intended. If you *have*, then it would be valuable
to summarise the deliberations of the Forum here, so that the Mozilla
community may evaluate the outcomes of those deliberations with regards to
the relevant Mozilla policies.
> It should be an exception to support this special feature.
No, the CABF should amend the requirements to match reality, and then
everyone else can change their tools as a result.
- Matt
--
I really didn't foresee the Internet. But then, neither did the computer
industry. Not that that tells us very much of course -- the computer
industry didn't even foresee that the century was going to end.
-- Douglas Adams
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
