[cabfpub] BR "corrections" ballot
rob.stradling at comodo.com
Mon Mar 21 11:23:16 UTC 2016
On 21/03/16 10:59, Gervase Markham wrote:
> Hi Peter,
> On 19/03/16 16:26, Peter Bowen wrote:
>> 3) Explicitly allow the commonName in the Subject to contain domain
>> names encoded using U-labels (meaning a certificate can have
>> "xn--vernderung-s5a.com” in the SAN and “veränderung.com” in the CN)
> Can you explain this one a bit more? It seems to make sense to me that
> the CN value is always exactly duplicated in the SAN, even if other
> values are also present. Are you proposing relaxing that requirement?
Hi Gerv. This has been common practice for years:
See also this thread from a couple of months ago:
>> 4) Allow “_” in FQDNs
> Domain names may have underscores, but hostnames may not, at least
> according to:
> Are the things we put in certificates hostnames? Given that SSL is for
> connecting to internet hosts, it would seem to me that they are. Clue me
> in by explaining what I'm missing.
"You've entered a special hell. It is dark and scary. You are likely to
be eaten by a grue."
>> Does anyone have suggestions of other things that should be
>> considered for a BR corrections ballot or think any of my suggested
>> items should be a separate ballot?
> Looking at
> how about:
> and perhaps
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public