[cabfpub] TorServiceDescriptor OID Change?
Rich Smith
richard.smith at comodo.com
Thu Jun 25 14:36:29 UTC 2015
Ben, I agree with your reasoning, but would suggest that the TOR descriptor
probably should be one more level down rather than directly off the
ca-browser-forum tree.
I propose:
2.23.140
--> 31 - ServiceDescriptors
--> 1 - TORServiceDescriptor
Reasoning being that at the moment the TOR descriptor is the only one, but
that may not always be the case.
-Rich
From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Ben Wilson
Sent: Wednesday, June 24, 2015 6:10 AM
To: CABFPub
Subject: [cabfpub] TorServiceDescriptor OID Change?
Should or can the TOR Service Descriptor OID (certificate extension) be
changed from 2.23.140.1.31 to 2.23.140.31? Or something else? I think the
CA/B Forum OID tree should reserve “1” for guidelines and policies.
See below:
CA/Browser Forum OID Chart
2 - joint-iso-itu
└→ 23 - international-organization
└→ 140 - ca-browser-forum
└→ 1 - certificate-policies
└→ 1 -
extended-validation-ssl
└→ 2
-baseline-requirements-ssl
└→ 1 -
domain-validated
└→ 2 -
subject-identity-validated
└→ 3 -
individual-identity-validated
└→ 3 -
extended-validation-code-signing
└→ 1 -
└→ 2 -
└→ 4 -
baseline-requirements-code-signing
└→ 31 - TorServiceDescriptor
└→ 41 - caSigningNonce
└→ 42 - applicantSigningNonce
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150625/b43daa01/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6378 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150625/b43daa01/attachment-0003.bin>
More information about the Public
mailing list