Eddy Nigg (StartCom Ltd.) wrote: > Gervase Markham wrote: >> Eddy Nigg (StartCom Ltd.) wrote: >> >>> I explained it before. Because YOU can't read the subject line >>> /C=ישראל/ST=דרום/O=סטארטקום בע"מ/CN=אדי ניק >>> It's completely useless to you. >> >> Absolutely. So I would seriously consider not trusting a site with >> such a subject line. >> > Exactly! And if the majority shouldn't trust a certificate with such a > subject, neither should Mozilla (policy wise)!
That doesn't follow. If we include a certificate from a Turkish CA which has a Turkish subject line, that's fine for Turkish people. The letters they include here say nothing about their _trustworthiness_, merely about my ability to evaluate it. > No, that's not what I suggested, rather to stick what most CAs in any > case do already. Stick to Latin characters...use the content of the > passport or driving license for example. This is what Verisign and other > CAs do in Japan for example. Most likely also in other countries. EV is going to have Japanese letters, I know that for a fact because there was a big discussion about it. I don't know what decision they came to on also including a Romanisation. (Problems can arise because some scripts have no official Romanisation, so there are several ways of doing it.) I don't think it's right for us to put restrictions in this area. Gerv _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto