[cabfpub] CA/Browser Forum ASN.1 module
Ryan Sleevi
sleevi at google.com
Mon Feb 27 12:34:16 MST 2017
On Mon, Feb 27, 2017 at 9:25 AM, Peter Bowen via Public <public at cabforum.org
> wrote:
> There have been some questions about expected ASN.1 grammar for BR & EV
> certificates. I’ve created a module that attempts to collect it all.
>
Why the duplication of the X.500 attribute definitions, renamed with the
prefix 'cabf' ? Do the existing set of module definitions not suffice via
import?
With respect to the EV OIDs, you used the abbreviation joi, which is
presumably jurisdictionOfIncorporation. However, Ballot 119 was adopted to
remove the "ofIncorporation" suffix. At the risk of subtle pedantry, I
suspect this might be better as
id-ev-jursidiction ID ::= {ldap-enterprise microsoft(311) ev(60) 2 1}
id-ev-jurisdiction-localityName ID ::= {id-ev-jurisdiction 1}
id-ev-jurisdiction-stateOrProvinceName ID ::= {id-ev-jurisdiction 2}
id-ev-jurisdiction-countryName ID ::= {id-ev-jurisdiction 3}
I suspect Jody might be able to work with Microsoft's OID maintenance team
to figure out how Microsoft would prefer 60.2.1 be documented, similar to
other documents (e.g.
https://support.microsoft.com/en-us/help/287547/object-ids-associated-with-microsoft-cryptography
or https://msdn.microsoft.com/en-us/library/ms677614(v=vs.85).aspx )
I found a couple of errors in the tor appendix. I think I got the intent
> right, but can someone please confirm?
>
Can you clarify the errors you see? A quick visual scan only shows the
differences being the introduction of the EXTENSION .. IDENTIFIED BY
syntax, is that correct?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170227/e9b7c20c/attachment.html>
More information about the Public
mailing list