[cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)
Gervase Markham
gerv at mozilla.org
Thu Apr 20 16:24:42 UTC 2017
On 20/04/17 17:08, Ryan Sleevi wrote:
> I think your suggested rules perhaps bring more ambiguity than clarity.
>
> Is it reasonable to suggest the simple position, which is what Jeremy
> was seeking clarification on: That at the time of a certificate's
> issuance, it must be done so in a manner compliant with the "latest
> published version" (as specified in Section 2.2 of the BRs that all CAs
> attest to).
Sure. That's what my rules say too. But how does this apply to actions
which are not part of certificate issuance? This is why I felt a
generalisation of the rule was needed.
Of course, we are only discussing a default - explicit text can override
it in whatever way you like.
Gerv
More information about the Public
mailing list