[cabfpub] [EXTERNAL]Re: Ballot 199 - Require commonName in Root and Intermediate Certificates

Bruce Morton Bruce.Morton at entrustdatacard.com
Mon May 8 18:24:21 UTC 2017

Entrust votes Yes to ballot 199.


-----Original Message-----
From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Gervase Markham via Public
Sent: Thursday, April 27, 2017 12:29 PM
To: CABFPub <public at cabforum.org>
Cc: Gervase Markham <gerv at mozilla.org>
Subject: [EXTERNAL]Re: [cabfpub] Ballot 199 - Require commonName in Root and Intermediate Certificates

Following discussion on the call today, there is a minor edit to this

On 25/04/17 16:03, Gervase Markham wrote:
> Subject Distinguished Name Fields
> Certificate Field: subject:commonName (OID
> Required/Optional: Required
> Contents: This field MUST be present and the contents MUST be an 
> identifier

--> change the second MUST to a SHOULD. (Which means this should be
normal practice, but you can do something different if you have a good reason and know what you are doing.) Later, this may be replaced (in another ballot) with a MUST plus a set of known sensible use case exceptions.

> for the certificate such that the certificate's Name is unique across 
> all certificates issued by the issuing certificate.


Public mailing list
Public at cabforum.org

More information about the Public mailing list