Re: [cabfpub] [EXT] Re: Naming rules

2017-03-21 Thread Tarah Wheeler via Public
Are we anticipating no possible conflicts in the future over naming when it comes to specifically Taiwanese-unique names? -- Tarah M. Wheeler Principal Security Advocate and Sr Director of Engineering - Website Security - Delivering Confidence for Customers and Consumers by Securing Websites

Re: [cabfpub] Naming rules

2017-03-21 Thread Gervase Markham via Public
On 21/03/17 10:51, Jeremy Rowley via Public wrote: > Despite the discussion today, I’m still not clear on why the cert can’t > include locality information. The short answer to this question is: a) they want to use their existing X509 names, which don't include it b) it's safe to not include

Re: [cabfpub] Naming rules

2017-03-21 Thread Jeremy Rowley via Public
Despite the discussion today, I’m still not clear on why the cert can’t include locality information. Although there is a national registry, what prohibits a CA from adding the Locality information based on address? Even if there are multiple localities for an organization, does that matter? Can’t

Re: [cabfpub] Meaning of BR 9.16.3

2017-03-21 Thread Ryan Sleevi via Public
Kirk, I'm afraid you've misunderstood my argument. We're actually in agreement on this point. However, if you recall the ample discussion during the Scottsdale F2F, the arguments I presented here on the mailing list were very much the topic of discussion then. The goal is to ensure there is

Re: [cabfpub] C=GR, C=UK exceptions in BRs

2017-03-21 Thread Geoff Keating via Public
> On Mar 20, 2017, at 5:59 AM, Dimitris Zacharopoulos wrote: > > On 20/3/2017 11:05 πμ, Geoff Keating wrote: >> >> I also do not see where the EU has actually approved, requested, suggested, >> or even hinted at the use of this value in certificates. A specific >>

[cabfpub] Meaning of BR 9.16.3

2017-03-21 Thread Kirk Hall via Public
(Changing the Subject for this discussion) Ryan, I don’t think you are reading BR 9.16.3 correctly when you posted this: “The purpose of 9.16.3 is only to allow such a CA to operate until the Forum - or, more aptly, its Browser/Root Store members - have made a determination about the

Re: [cabfpub] What is identity anyway? Was: C=GR, C=UK exceptions in BRs

2017-03-21 Thread Ryan Sleevi via Public
Phillip, That does sound like a rather personal attack, questioning the person rather than the facts. I would be happy to provide source and citations that conflict with your representation of the history. That said, perhaps we can focus on the substance of my request, which is: What is your

Re: [cabfpub] What is identity anyway? Was: C=GR, C=UK exceptions in BRs

2017-03-21 Thread philliph--- via Public
Since I was there and you were not, I don’t see how you think you can tell me what really happened. > On Mar 21, 2017, at 9:48 AM, Ryan Sleevi wrote: > > Phillip, > > I must confess, it's hard to see what point you're attempting to make, so I'm > hoping you might take

Re: [cabfpub] C=GR, C=UK exceptions in BRs

2017-03-21 Thread Ryan Sleevi via Public
Phill, I'd be happy to correct or apologize on-list if you would happy to discuss off-list what you believe is a personal attack. I'm sure if you re-read my statement, you will see it questions the quality and validity of your arguments, and not you as a person, and so I do not believe it is fair

Re: [cabfpub] C=GR, C=UK exceptions in BRs

2017-03-21 Thread Dimitris Zacharopoulos via Public
On 21/3/2017 2:44 μμ, phill...@comodo.com wrote: Ryan, ‘ Do you think you could at least try to conduct your discussion here in an approximately professional fashion? The constant personal attacks are really unhelpful. Phill Philliph, I didn't take Ryan's reply as a personal attack. I

Re: [cabfpub] C=GR, C=UK exceptions in BRs

2017-03-21 Thread philliph--- via Public
Ryan, ‘ Do you think you could at least try to conduct your discussion here in an approximately professional fashion? The constant personal attacks are really unhelpful. Phill > On Mar 20, 2017, at 11:44 PM, Ryan Sleevi via Public > wrote: > > Dimitris, > >

Re: [cabfpub] C=GR, C=UK exceptions in BRs

2017-03-21 Thread Ryan Sleevi via Public
On Tue, Mar 21, 2017 at 3:04 AM, Dimitris Zacharopoulos wrote: > > As mentioned elsewhere, these documents don't apply from a 9.16.3 or from > a perspective of law. Further, I think you can agree that even if we accept > such documents, their scope is to apply to a

Re: [cabfpub] Naming rules

2017-03-21 Thread realsky(CHT) via Public
Dear Kirk,Ben,Dimitris and Jeremy, Good morning. Although most of the time of CP reviewing WG today will focus on the ballot Dimitris proposed. Would you mind giving me thirty minutes to present "Amendment of SSL BR 7.1.4.2.2 :Add Section K for existing PKI" propsed by Wen-Cheng Wang ?

Re: [cabfpub] Results on Ballot 187 - Make CAA Checking Mandatory

2017-03-21 Thread Gervase Markham via Public
Hi, On 20/03/17 22:02, y-iida--- via Public wrote: > New text reads: >CAA checking is optional for certificates for which a >Certificate Transparency pre-certificate was created and >logged in at least two public logs, and for which CAA was >checked. > > This ends with ``for

Re: [cabfpub] C=GR, C=UK exceptions in BRs

2017-03-21 Thread Dimitris Zacharopoulos via Public
On 21/3/2017 5:44 πμ, Ryan Sleevi wrote: Dimitris, Thanks for providing concrete reasons to support such a change. Replies inline. On Mon, Mar 20, 2017 at 4:03 AM, Dimitris Zacharopoulos > wrote: Let me try to provide some reasons in favor