[Servercert-wg] Subject name requirements for CA Certificates
Rob Stradling
rob at sectigo.com
Tue Oct 8 11:04:17 MST 2019
On 08/10/2019 18:25, Ryan Sleevi via Servercert-wg wrote:
<snip>
> However, for CA certificates, both Root and Intermediate, the Baseline
> Requirements only permit the following, as defined in Section 7.1.4.3.1
>
> * 7.1.4.3.1.a - commonName (OID 2.5.4.3)
> * 7.1.4.3.1.b - organizationName (OID 2.5.4.10)
> * 7.1.4.3.1.c - countryName (OID 2.5.4.6)
>
> No other fields are listed in 7.1.4.3.1. Nor is there permission to
> include any other attributes, comparable to 7.1.4.2.2.j
Nor is there prohibition to include any other attributes, comparable to
EVG 9.2.9:
"Other Subject Attributes
CAs SHALL NOT include any Subject attributes except as specified in
Section 9.2."
--
Rob Stradling
Senior Research & Development Scientist
Sectigo Limited
More information about the Servercert-wg
mailing list