You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The text for subject:countryName in 7.1.4.2.2.n says that if a Subject's verified country doesn't have an ISO 3166-1 country code then "the CA MAY specify the ISO 3166-1 user-assigned code of XX". Is that the only thing that is permitted or that should be permitted to include as a countryName in this case?
By the current text of the SMIME BRs I don't think there's anything stopping a CA putting the name of the country in the countryName field as long as it's not got an ISO code. The text says the CA MAY do that but that means that they don't have to.
If the Black Panther wanted an SMIME certificate, could a CA issue a certificate containing a subject:countryName attribute with the value "Wakanda"? That is the country that the Black Panther is from, and assuming the CA could be provided with sufficient evidence to meet the standards of verification defined by Section 3.2.3 or 3.2.4, I think the SMIME BRs allow a CA to do this by the current text. Wakanda does not have an ISO 3166-1 country code*, so by the BRs the CA MAY include an attribute with the "XX" code, but (by the current text of the BRs) I don't think they are obliged to if they are including a countryName.
* yes, I did check.
The text was updated successfully, but these errors were encountered:
The text for subject:countryName in 7.1.4.2.2.n says that if a Subject's verified country doesn't have an ISO 3166-1 country code then "the CA MAY specify the ISO 3166-1 user-assigned code of XX". Is that the only thing that is permitted or that should be permitted to include as a countryName in this case?
By the current text of the SMIME BRs I don't think there's anything stopping a CA putting the name of the country in the countryName field as long as it's not got an ISO code. The text says the CA MAY do that but that means that they don't have to.
If the Black Panther wanted an SMIME certificate, could a CA issue a certificate containing a subject:countryName attribute with the value "Wakanda"? That is the country that the Black Panther is from, and assuming the CA could be provided with sufficient evidence to meet the standards of verification defined by Section 3.2.3 or 3.2.4, I think the SMIME BRs allow a CA to do this by the current text. Wakanda does not have an ISO 3166-1 country code*, so by the BRs the CA MAY include an attribute with the "XX" code, but (by the current text of the BRs) I don't think they are obliged to if they are including a countryName.
* yes, I did check.
The text was updated successfully, but these errors were encountered: