Re: [Smcwg-public] [External Sender] Ballot SMC06v2: Post implementation clarification and corrections

OISTE votes Yes to SMC06 > > >> >> Ballot SMC06: Post implementation clarification and corrections >> >> Purpose of Ballot: >> >> The ballot proposes changes to the S/MIME Baseline Requirements to provide >> clarifications and corrections arising from the implementation of the S/MIME >>

Re: [Smcwg-public] [EXTERNAL]-Re: Voting period begins for SMC-05: Adoption of CAA for S/MIME

OISTE votes YES to SMC-05 > > > Von: Smcwg-public > Im Auftrag von Corey Bonnell via > Smcwg-public > Gesendet: Donnerstag, 11. Januar 2024 00:32 > An: SMIME Certificate Working Group > > Betreff: [Smcwg-public]

Re: [Smcwg-public] [EXTERNAL]-Re: VOTE FOR APPROVAL Ballot SMC04: Addition of ETSI TS 119 411-6 to audit standards

OISTE Votes Yes to SMC04 > > Von: Smcwg-public > Im Auftrag von Stephen Davidson > via Smcwg-public > Gesendet: Mittwoch, 1. November 2023 18:08 > An: SMIME Certificate Working Group > > Betreff: [Smcwg-public] VOTE

Re: [Smcwg-public] [EXTERNAL]-Re: Fields for S/MIME CSRs

Well… given that anyone can generate a CSR containing arbitrary information, taking this a a criteria for linking the public key with the “who” can lead to dangerous assumptions. Anyway I understand your exercise and intent. In our case we don’t see fit taking anything from the CSR but the public

Re: [Smcwg-public] [EXTERNAL]-Re: Fields for S/MIME CSRs

That’s an interesting point, but the same than there’s no need to consider the domains coming in the CSR to issue TLS certificates, I personally don’t see the practical need here. For example… We could have an Enterprise RA that can issue certs for any email address in a set of preauthorized

Re: [Smcwg-public] [EXTERNAL]-Re: Fields for S/MIME CSRs

+1 > Le 29 sept. 2023 à 17:52, Clint Wilson via Smcwg-public > a écrit : > > Hi all, > > In my opinion, CSRs should really be limited to conveying the public key and > a proof of possession of the private key; the fields included therein may act > as confirmatory signals for a CA, but

Re: [Smcwg-public] [External Sender] Re: RE: Individual email addresses in OV certs

Adriano, sorry again to you and the group for spamming with non-sense. Not your English, but it’s me not reading properly and the “OV” terminology did mislead me for some reason. Anyhow, I’d be in agreement with what Dimitris just said. We can have the role of a “representative” of the company

Re: [Smcwg-public] [External Sender] Re: RE: Individual email addresses in OV certs

HI Adriano, Sorry, as this is the SM WG I thought you were referring to S/MIME certificates, not to TLS certs. The rule of thumbs that CAs must ensure that any identity information included in a certificate is validated. In particular… latest version of the BR say in 7.1.2.7.4 that the email

Re: [Smcwg-public] [External Sender] RE: Individual email addresses in OV certs

We should maybe just understand that there are companies that don’t have a corporate mail service. IMHO… Once the mailbox is validated, the domain component is not relevant. Le 16 sept. 2023 à 07:23, Adriano Santoni via Smcwg-public a écrit : Hi Jochem, thanks for