No, the reason it exists is exactly as I described. One individual refused to
support SC-17 unless it was included, and SC-17 was very important to allow
publicly-trusted PSD2 certificates to be issued. So everybody just sort of
cringed and included it, despite the fact that it wasn’t
Hi Tim,
I had thought the point of including cabfOrganizationIdentifier was to enable
deprecation of subject:organizationIdentifier, rather than the inverse. It
seems it would be minimally appropriate to understand the discussions and/or
actions ETSI has taken post SC17 to address the topic of
Ballot SC17 added the cabfOrganizationIdentifer, which duplicates the
information encoded in the subject:organizationIdentifier field, just in a
different format/encoding. The subject:orgID field is standardized by ETSI
and used in the processing of eIDAS certificates; on the other hand, to
