I agree with this. Just because I can't read it doesn't mean that it's wrong. If someone capable of and trusted to verify the authenticity has done the due diligence, I say leave it at that.
On Dec 6, 2007 12:50 PM, Gervase Markham <[EMAIL PROTECTED]> wrote: > Eddy Nigg (StartCom Ltd.) wrote: > > Gervase Markham wrote: > >> Eddy Nigg (StartCom Ltd.) wrote: > >> > >>> I explained it before. Because YOU can't read the subject line > >>> /C=ישראל/ST=דרום/O=סטארטקום בע"מ/CN=אדי ניק > >>> It's completely useless to you. > >> > >> Absolutely. So I would seriously consider not trusting a site with > >> such a subject line. > >> > > Exactly! And if the majority shouldn't trust a certificate with such a > > subject, neither should Mozilla (policy wise)! > > That doesn't follow. If we include a certificate from a Turkish CA which > has a Turkish subject line, that's fine for Turkish people. > > The letters they include here say nothing about their _trustworthiness_, > merely about my ability to evaluate it. > > > No, that's not what I suggested, rather to stick what most CAs in any > > case do already. Stick to Latin characters...use the content of the > > passport or driving license for example. This is what Verisign and other > > CAs do in Japan for example. Most likely also in other countries. > > EV is going to have Japanese letters, I know that for a fact because > there was a big discussion about it. I don't know what decision they > came to on also including a Romanisation. (Problems can arise because > some scripts have no official Romanisation, so there are several ways of > doing it.) > > I don't think it's right for us to put restrictions in this area. > > Gerv > _______________________________________________ > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > -- moo. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
