On Thu, Feb 06, 2020 at 09:31:40PM +0000, Doug Beattie via dev-security-policy wrote: > I don't agree that the CA MUST validate EVERY field. CAs leverage > enterprise RAs to validate some information in SMIME certificates, e.g., the > subscribers name in the CN field because the CA can't readily validate that.
I don't care who does the validation, just that it's validated. Kurt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy