There are lots of useful ways to publish unverified and potentially inaccurate information.
Putting that information into a certificate signed by a public Certificate Authority is not one of them. By the way, OUs need to be accurate as well, not just "partially verified", so you might want to look into that part of your processes as well. BR 7.1.4.2: "By issuing the Certificate, the CA represents that it followed the procedure set forth in its Certificate Policy and/or Certification Practice Statement to verify that, as of the Certificate's issuance date, all of the Subject Information was accurate." -Tim > -----Original Message----- > From: dev-security-policy <[email protected]> On > Behalf Of pekka.lahtiharju--- via dev-security-policy > Sent: Tuesday, August 21, 2018 10:45 AM > To: [email protected] > Subject: Re: Telia CA - problem in E validation > > I believe it has been useful to our users even though it was only partially > verified like OU. Now when it no more exists it certainly won't provide any help > to anybody. > > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://clicktime.symantec.com/a/1/tLUDvyC5tYQiVfqxZIo-c6Uq1a- > jYOSGbZgRSHyUu1I=?d=zx9qYFefn2ZoXZK3hmoD2hX8Ch__jFtWDZM2CKgWQJ > Ch5jZYL0ITP0GCk4W9UJI_8nQ6wryVSVMb4y504R9AbIRgEYDp_Umfk051kQR7s > GVVgzxufqgL7iW3mtbBnroiKhwVEtkMa0IAxmXRTpWu9- > pldvu8X2WSILON7AWHr-Twz3K3XJ0Ta9hXzKo2YjG4Qhxied- > um1T97LsQ8H4mpGKC- > zWuvaCTASohQCwcYAYMEhBqMfI9QS5AYzG3Ba5k10Kum32iQh9lrzUZP- > 1JnjpJ8PRepHhaa7uNWbZbK_3JMKc_e6PKjA7dXMIqsa846_H9JlvO8TS4cmrHLv > U0EkO0yv8s75TfAUqiRJlODRxOdcmNpG7-IByKbQxcsYwj1ZFmGkThjIl0AVQ_Y- > GBp7X48byWDcHqqEkf10tsuQ%3D%3D&u=https%3A%2F%2Flists.mozilla.org% > 2Flistinfo%2Fdev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
