[Servercert-wg] Publicly trusted PSD2 EV Certificate
Tim Hollebeek
tim.hollebeek at digicert.com
Wed May 29 11:12:19 MST 2019
Just a reminder that until Ballot SC17 clears its IPR review period, it
still isn't legal to issue publicly-trusted EV certificates with
OrganizationIdentifier in the SubjectDN, as this violates the EV Guidelines
as currently written.
Also, it is never acceptable to issue non-compliant test certificates off of
public roots.
The following certificate appears to be misissued:
https://censys.io/certificates/77754817eced33241b540d6ef3db4f1a3c0529f2646fa
d1d0e87c0ab6585e2f8
It was issued way back in March.
Also, ANF's CPS does not appear to be compliant with section 1.5.2 of the
Baseline Requirements, as it does not contain a mechanism for contacting the
persons responsible for the operation of the CA.
-Tim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190529/518ac00c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4940 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190529/518ac00c/attachment.p7s>
More information about the Servercert-wg
mailing list