...
| displayName | urn:oid:2.16.840.1.113730.3.1.241 | Johnny Doe | USED for CN. See below |
| cn | urn:oid:2.5.4.3 | John Doe | fallback for CN. See below |
| sn | urn:oid:2.5.4.4 | Doe | fallback for CN. See below |
| givenName | urn:oid:2.5.4.42 | John | fallback for CN. See below |
urn:oid:0.9.2342.19200300.100.1.3 | johndoe@example.edu | yes | |
eduPersonPrincipalName | urn:oid:1.3.6.1.4.1.5923.1.1.1.6 | jd@example.edu | yes |
eduPersonEntitlement | urn:oid:1.3.6.1.4.1.5923.1.1.1.7 | urn:mace:terena.org:tcs:personal-user | yes (see authorization) |
schacHomeOrganization | urn:oid:1.3.6.1.4.1.25178.1.2.9 | example.edu | yes |
...
If the Subject Identity Information is to include the name or address of an organization, the CA SHALL verify the identity and address of the organization and that the address is the Applicant’s address of existence or operation. The CA SHALL verify the identity and address of the Applicant using documentation provided by, or through communication with, at least one of the following: 1.
- A government agency in the jurisdiction of the Applicant’s legal creation, existence, or recognition;
...
- A third party database that is periodically updated and considered a Reliable Data Source;
...
...
- A site visit by the CA or a third party who is acting as an agent for the CA; or
...
- An Attestation Letter.
The CA MAY use the same documentation or communication described in 1 through 4 above to verify both the Applicant’s identity and address. Alternatively, the CA MAY verify the address of the Applicant (but not the identity of the Applicant) using a utility bill, bank statement, credit card statement, government-issued tax document, or other form of identification that the CA determines to be reliable.
...