Skip to Content.
Sympa Menu

cacert-policy - Re: [CAcert-Policy] Brainstorming Session on Names

Subject: Policy-Discussion

List archive

Re: [CAcert-Policy] Brainstorming Session on Names

Chronological Thread 
  • From: Iang <iang AT>
  • To: Policy-Discussion <cacert-policy AT>
  • Subject: Re: [CAcert-Policy] Brainstorming Session on Names
  • Date: Wed, 26 Sep 2007 09:36:14 +0200
  • List-archive: <>
  • List-id: Policy-Discussion <>

Sebastian Kueppers wrote:

Evaldo: Thank your for starting this discussion, I'm begging for such a
policy for about a year now...

Yes, the CPS also begs...  Hmmm, it says:

3.1.4. Rules for interpreting various name forms

Names are administered by means of the User's account. The rules themselves may be varied on short notice by CAcert as fraud such as phishing is moving too quickly for 'policy' documents.

Another one not so uncommon around here:
- People changing their last name after marriage

I think that is a minor problem, because (at least in germany) you'll
get an official certificate stating the change of name.

OK, so the assurer can work with it. Is the system set up to support that change?

If there are still issues with CAcert certificates and UTF-8 I think we
should (better: we have to) provide a possibility to avoid these issues.
Either by making the certificates working with UTF-8 or by allowing
transliteration of problematic characters.

Hmm. Good point. OK, so what does the system do if your name includes an umlaut?

For example one thing I always considered ok was the german "eszet" (�)
character which is represented in ID cards as SZ, since ID cards only
use capital chars. But of course the name might have been czech or
hungarian where "sz" is a not so uncommon combination...

Another problem are the Certificates itself. If I remember correctly
there have been some issues about UTF-8 and X.509 certificates...
And if we allow substitution of loacal special chars into some
ASCII-counterpart we would need a comprehensive list of allowed

Yes, ok so potentially we have:

User's Name(s) ==> CAcert-assigned Name(s) ==> x.509 Name(s)


Archive powered by MHonArc 2.6.16.

Top of Page