What should the "Organization Name" be for a personal / family website?

1 view
Skip to first unread message

Dan Harkless

unread,
Nov 25, 2002, 1:04:14 PM11/25/02
to
Howdy. I need to generate a CSR for an SSL cert. for my personal
website, <http://harkless.org/>. I'm quite unsure what to put in the
"Organization Name" field, though. I did a bunch of searching and the
hint always given for this is "your company name", and of course,
there isn't one, in my case.

Nor is there an obvious non-company organization. The site is
primarily used by me, but other family members have pages too, so I
guess I could put:

Harkless family

Of course, if one looks at my WHOIS record, that string doesn't
appear. The "Registrant" is simply my name. So I guess I could put:

Dan Harkless

but it's pretty weird to consider an individual an "Organization". I
could put just the name of the site:

harkless.org

but I feel kind of weird including "harkless.org" as two different
fields (since that's the canonical name I'm going to get the
certificate for).

Or should I leave the Organization Name blank, as I was planning on
doing for the Organizational Unit Name? Or do CAs refuse to sign CSRs
with blank "Organization Name" fields? (I couldn't find such details
on the sites of any of the CAs I'm considering using.)

Any advice??

--
Dan Harkless
use...@harkless.org
http://harkless.org/dan/

ne...@roaima.freeserve.co.uk

unread,
Nov 26, 2002, 10:14:58 AM11/26/02
to
Dan Harkless <use...@harkless.org> wrote:
> Howdy. I need to generate a CSR for an SSL cert. for my personal
> website, <http://harkless.org/>. I'm quite unsure what to put in the
> "Organization Name" field, though. [...]

> I guess I could put:
> Harkless family

Seems fine from here. At the end of the day, the certificate is about
"proving" who you are (for which SSL certificates fail miserably anyway).

> could put just the name of the site:
> harkless.org

Rather than www.harless.org? Your call.

Chris
--
@s=split(//,"Je,\nhn ersloak rcet thuarP");$k=$l=@s;for(;$k;$k--){$i=($i+1)%$l
until$s[$i];$c=$s[$i];print$c;undef$s[$i];$i=($i+(ord$c))%$l}

Dan Harkless

unread,
Nov 26, 2002, 2:53:27 PM11/26/02
to
ne...@roaima.freeserve.co.uk wrote:
> Dan Harkless <use...@harkless.org> wrote:
> > Howdy. I need to generate a CSR for an SSL cert. for my personal
> > website, <http://harkless.org/>. I'm quite unsure what to put in the
> > "Organization Name" field, though. [...]
>
> > I guess I could put:
> > Harkless family
>
> Seems fine from here. At the end of the day, the certificate is about
> "proving" who you are (for which SSL certificates fail miserably anyway).

Well, as it turns out, I settled on Thawte as my CA. They're more
expensive than most of the competition, but Eudora and EudoraWeb for
Palm OS have only Thawte, Verisign, and Certicom root certificates
installed (which turns out to be important in my case), and they're
much cheaper than Verisign (plus Certicom exited the SSL cert. biz).

As I said, Thawte doesn't document on their site itself what the
policy is for Organization Names when there isn't a company involved.
However, if you start the process of actually buying a certificate,
they give you a link to:

http://www.thawte.com/guides/StepByStepEnrolmentSSLSGC.pdf

and that does state the policy, that if you're not a company, you need
to register in your personal name, with your personal name in the
Organization Name field (so "Dan Harkless" in this case). Not sure if
that turns out to be the most common policy or not, with the various
CAs. I imagine that for the CAs that only verify you electronically,
rather than requiring notarized copies of real-world forms like
Thawte, it doesn't matter much what you put in the "O" field.

BTW, the statement (or misimplication, depending on how you read it)
in that PDF that Thawte only issues private individual certificates to
people _outside_ the U.S. is incorrect.



> > could put just the name of the site:
> > harkless.org
>
> Rather than www.harless.org? Your call.

Yeah, the "www." is redundant and just a waste of keystrokes. The
domain name and the fact that you're connecting on port 80 (or 443)
are enough to establish that you're talking about a website. With
.com sites, the "www." allows you to take advantage of browsers that
prepend "www." and append ".com" if you type in a simple name (though
most of them nowadays seem to do some annoying "smart browsing" search
instead), but since I'm a .org, I can't take advantage of that. So if
the whole thing needs to be typed, no need forcing a "www.".

Besides, I'll also be using SSL for my mail access, and I'd feel silly
typing in "www.harkless.org" as a mailserver.

Reply all
Reply to author
Forward
0 new messages