Eddy Nigg (StartCom Ltd.) wrote: > > Now, you are right that this is certainly fine for people in the > knowledge of the respective language and character set. But what about > the rest? How can somebody make a judgment on the basis of the > certificate details if the vast majority can't read it? Shouldn't this > be handled as with other international legal documents such as > passports, international driving licenses, Red Cross employee cards etc?
I agree with Eddy on this. When defining cert profiles for CAs I always take into consideration the set of relying participants. If the certs are to be used globally they SHOULD be readable to the international public like other international legal documents. This is not a technial issue. > Which content should be in the C field for example? It's common to > use international two letter codes for country, but can this be actually > just anything? Like /C=לא רוצה להגיד For this particular attribute one should stick to the two-letter country code (ISO 3166) as defined in X.520 section 5.3.1. Note that RFC 3280 also refers to X.520 (1993) in this regard. Ciao, Michael. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto