On Fri, Mar 17, 2017 at 8:09 PM, Kirk Hall via Public <public@cabforum.org> wrote:
> in general, I think a country should be able to decide that for itself. > It sounds like you're opposed to including identity information in certificates, or at least opposed to providing a standard that Browsers might be able to rely on, because this impinges on the ability of countries to set their own policies. Is this correct? If not, could you highlight why you don't believe a country should also be able to set its own requirements as to what fields appear in a certificate (as practiced by various government PKIs, as the recent discussion with Li-Chun presents). Do you also believe countries should be able to set their own rules on how domains are validated? If not, could you explain what the difference is? This would be useful and insightful to understand how to put what appears to be two logically and practically inconsistent views together - that Entrust supports identity information in certificates, but opposes mandating how that information is encoded or validated. How can relying parties effectively use this information?
_______________________________________________ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public