Hi,
I agree with your summary, Ben, but am struggling with the “how” and the “when”.
I don’t know if I’m alone in this, but it would be helpful to me to have the
concerns that have been raised also outlined in text somewhere (ideally with
details and data and all that good stuff). To be
Hi Judith,
As I understand it, the proposed change is purely additive. That is, currently
there are no approved frameworks in the SBRs meaning that there is no way for a
compliant CA to rely upon a digital signature as evidence for the collection of
Individual identity attributes (or any other
Apple votes YES on Ballot SMC06v2.
> On Apr 4, 2024, at 11:15 AM, Stephen Davidson via Smcwg-public
> wrote:
>
> Ballot SMC06: Post implementation clarification and corrections
>
> Purpose of Ballot:
>
> The ballot proposes changes to the S/MIME Baseline Requirements to provide
>
Apple votes YES on Ballot SMC-05.
> On Jan 10, 2024, at 3:32 PM, Corey Bonnell via Smcwg-public
> wrote:
>
> Ballot SMC05: Adoption of CAA for S/MIME
>
> Purpose of Ballot:
>
> The ballot proposes changes to the S/MIME Baseline Requirements to introduce
> the use of Certification
While I think I agree with the intent of Tim’s statement (especially in the
context of this discussion and its applicability thereto), taken literally I
believe it is stating something with broader impact than intended.
What I mean is that it’s important to carry the complete context of an OID
Hi all,
In my opinion, CSRs should really be limited to conveying the public key and a
proof of possession of the private key; the fields included therein may act as
confirmatory signals for a CA, but shouldn’t be directly relied upon e.g. to
generate a tbsCertificate. Rather, the values
Hi Rob,
I think minimally filing an issue in https://github.com/cabforum/smime/issues
would be a good thing to do to track this potential conflict.
FWIW, I also think the issue identified is indeed an issue (though probably not
major) and your proposed updates seem reasonable to me as well.
