[cabfpub] EV CS requirements are contradictory
Ryan Sleevi
sleevi at google.com
Mon Mar 23 17:51:09 MST 2015
>From Peter
---------- Forwarded message ----------
From: Peter Bowen <pzbowen at gmail.com>
Date: Mon, Mar 23, 2015 at 5:49 PM
In the EV CS spec, section 9.2.2 says "Subject Alternative Name Extension:
This field should not be included in the EV Code Signing Objects."
However 9.7 says "the Certificate MUST include a
SubjectAltName:permanentIdentifier"
The definitions says "EV Code Signing Object: An EV Code Signing
Certificate issued by a CA or an EV Signature provided by a Signing
Authority."
So clearly an object is a certificate and it should not but also MUST
include a SAN. I'm confused. Is 9.2.2 just wrong?
Thanks,
Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20150323/72f07cc9/attachment.html
More information about the Public
mailing list