[cabfperf] Recommended Max Number of SANs in a Certificate
Jeremy Rowley
jeremy.rowley at digicert.com
Thu May 1 09:58:27 MST 2014
We currently recommend a maximum of 25. However, we have some customers
that need more because of their particular server configuration. I think
it'd be more productive to discuss individual certificate components than
adopt a total size limitation and let the CAs figure out how to make it
work.
From: performance-bounces at cabforum.org
[mailto:performance-bounces at cabforum.org] On Behalf Of Wayne Thayer
Sent: Thursday, May 1, 2014 10:56 AM
To: performance at cabforum.org
Subject: [cabfperf] Recommended Max Number of SANs in a Certificate
Certificates with dozens of SAN entries have become common, in part due to
the popularity of CDNs that use these certs to conserve scarce IPv4
addresses. This data can increase the size of the certificate by 25% or
more. Should we recommend a maximum number of SANs in a certificate? If so,
what should that number be? Or should we look at the total size of the
certificate rather than individual fields?
Thanks,
Wayne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/performance/attachments/20140501/ff2d99a8/attachment.html
More information about the Performance
mailing list