On Thursday, May 31, 2018 at 3:07:36 PM UTC-7, Matthew Hardeman wrote: > On Thu, May 31, 2018 at 4:18 PM, Peter Saint-Andre via dev-security-policy < > [email protected]> wrote: > > > > > > We can also think of many business types (e.g., scammers) that would > > love to have names like ⒶⓅⓅⓁⒺ but that doesn't mean it's smart to issue > > certificates with such names. The authorities who approve of company > > names don't necessarily have certificate handling in mind... > > > > Indeed. Most of the government offices responsible for approving entity > creation are concerned first and foremost with ensuring that a unique name > within their jurisdiction is chosen and that a public record of the entity > creation exists. They are not concerned with risk management or > legitimacy, broadly speaking. > > Anyone at any level of risk management in the rest of the ecosystem around > a business will be concerned with such matters. Banks, trade vendors, etc, > tend to reject accounts with names like this. Perhaps CAs should look upon > this similarly.
re: Most of the government offices responsible for approving entity creation are concerned first and foremost with ensuring that a unique name within their jurisdiction is chosen What makes you say that, most jurisdictions have no such requirement. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
