On Tuesday, April 24, 2018 at 4:33:24 PM UTC-4, Henri Sivonen wrote: > On Tue, Apr 24, 2018 at 10:18 PM, Jeremy Rowley via > dev-security-policy <[email protected]> wrote: > > That is correct. We use transliteration of non-latin names through a system > > recognized by ISO per Appendix D(1)(3) > > But "Säästöpankkiliitto osk" is not a non-Latin name! (It is a > non-ASCII name.) Also, no such transliteration is applied to > "Ålandsbanken Abp", so evidently there's no technical necessity for > transforming the name. > > Clearly, D(1) does not apply (the name is not non-Latin). D(2) doesn't > make sense (it doesn't make sense to Romanize a Latin-script name). > D(3) is about *translated* names (the organization has translated > names [in Swedish and in English], but the name on the certificate is > neither of those). > > -- > Henri Sivonen > [email protected] > https://hsivonen.fi/
Although the EV Guidelines don’t explicitly state this, I think it’s reasonable to interpret the EV Guidelines’s use of “Latin characters” as the characters comprising the ISO basic Latin alphabet (https://en.wikipedia.org/wiki/ISO basic Latin_alphabet) or the characters in the Basic Latin Unicode Block (https://en.wikipedia.org/wiki/Basic_Latin_(Unicode_block)). Since the original Organization Name contains characters outside that alphabet/code block, it is reasonable to interpret Appendix D as being applicable to these Finnish organization names. In addition, although Digicert has the technical capability to issue certificates with UTF-8 Organization Names, certain technical realities, such as client or server application software being unable to handle non-ASCII characters in certificate subject fields, would require that the Organization Name be represented in ASCII only. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
