On Fri, May 19, 2017 at 11:04 AM, Jakob Bohm via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> On 19/05/2017 16:15, Gervase Markham wrote: > >> On 19/05/17 14:58, Jakob Bohm wrote: >> >>> Because the O and other dirname attributes may be shown in an e-mail >>> client (current or future) as a stronger identity than the technical >>> e-mail address. >>> >> >> Do you know of any such clients? >> >> > No, but it would be similar to how Fx displays that field in EV certs, > so a future Thunderbird, or a non-Mozilla client could reasonably do > something similar, even at OV level. It sounds like that issue should be dealt with when there are Mozilla clients that require such use case. For example, the recognition of EV involves a whole separate set of additional policies, for which OV is not suitable. The notion of EV S/MIME, as terrible as it is from a security and usability perspective, would minimally need to account for that in light of the existing lack of standards regarding S/MIME issuance. It does not seem useful or productive for Mozilla's Root Store to attempt to solve that abstract case for which there are no direct Mozilla product consumers, particularly when it can entirely be addressed at a later time. > Keeps it short and simple and subject to well-understood policies. Avoiding that policy requirement entirely avoids introducing feature creep for unspecified and unused features. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy