My 2c regarding SSL certificates. We need to treat SMIME certificates and TLS certificates differently. Domain names in TLS certificates are stored as A-label, so we need to be sure that CAs software allows various domain name as CN (e.g. OpenSSL does not) and the CN visualization in various OS/browsers/etc fits all the requirements. In contrast, there are no implementations of the RFC 8398 support (SMIME certificates) except for mine. It's reasonable because of RFC 8398 is much younger and there is little interest to SMIME. On Tue, Sep 24, 2019 at 8:26 AM Mark Svancarek (CELA) via UA-EAI < ua-eai@icann.org> wrote:
As requested _______________________________________________ UA-EAI mailing list UA-EAI@icann.org https://mm.icann.org/mailman/listinfo/ua-eai
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-- SY, Dmitry Belyavsky