[cabfpub] Proposed new ballot on IP Addresses in SANs
Richard Barnes
rbarnes at mozilla.com
Fri Apr 15 15:43:04 MST 2016
Rick: This seems pretty abusive. Given that apparently you've gotten along
without this so far, what's the compelling use case?
On Fri, Apr 15, 2016 at 6:09 PM, Rick Andrews <Rick_Andrews at symantec.com>
wrote:
> It’s come to our attention that all versions of Windows prior to Windows 10
> cannot handle SANs of type IPAddress. Those older versions correctly handle
> IP addresses in SANs if they are of type dNSName. Jody from Microsoft has
> confirmed this.
>
> I’d like to propose a ballot to allow IP addresses in SANs of type dNSName
> to allow for this. Jody has said he would endorse. I need another endorser.
> The proposed change is this (added text between + signs):
>
> 7.1.4.2.1 Subject Alternative Name Extension
> Each entry MUST be either a dNSName containing the Fully‐Qualified Domain
> Name +or the IP address of a server,+ or an iPAddress containing the IP
> address of a server
>
> -Rick
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20160415/2f3acdf9/attachment.html
More information about the Public
mailing list