That's accurate, but the real question goes back to a discussion we previously
had at the CAB forum that I don't think was answered - what is a locality vs. a
state vs. an address?
In Sept 2019, we put in code that requires this be checked against however map
software defines it, allowing locality = city or county. However, before that
the guidance was that locality = locality= whatever the address lookup during
verification confirmed was locality. Before revoking this particular cert, I
figured we needed a clear working definition on locality since I didn't want a
subjective review of all certs issued prior to Sept 2019. Does anyone know of
a definition to use? We (DigiCert) currently uses ISO 3166-2 to define states,
but I know even that is not universally held (based on the previous discussion
about adopting it as the definition).
-Original Message-
From: dev-security-policy On
Behalf Of George via dev-security-policy
Sent: Friday, June 26, 2020 3:05 PM
To: dev-security-policy@lists.mozilla.org
Subject: Clear definition of a "locality"
I sent a problem report to rev...@digicert.com regarding the locality field in:
https://crt.sh/?q=12EC8C05667173603367E8F93B7FDCA7EC60F9838EF3B72A4483BAF48DE48F4B
Jeremy Rowley replied stating that he believed the locality was correct as
there was no clear definition of a locality, can we get a clear definition of
this?
If these are considered localities then the streetAddress field seems to be
obsolete?
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy