[Servercert-wg] Subject name requirements for CA Certificates

Rob Stradling rob at sectigo.com
Tue Oct 8 11:04:17 MST 2019

On 08/10/2019 18:25, Ryan Sleevi via Servercert-wg wrote:
> However, for CA certificates, both Root and Intermediate, the Baseline 
> Requirements only permit the following, as defined in Section
>   * - commonName (OID
>   * - organizationName (OID
>   * - countryName (OID
> No other fields are listed in Nor is there permission to 
> include any other attributes, comparable to

Nor is there prohibition to include any other attributes, comparable to 
EVG 9.2.9:
   "Other Subject Attributes
    CAs SHALL NOT include any Subject attributes except as specified in
    Section 9.2."

Rob Stradling
Senior Research & Development Scientist
Sectigo Limited

More information about the Servercert-wg mailing list