[cabfpub] RFC5280-related Ballot - For Discussion
Geoff Keating
geoffk at apple.com
Thu Apr 13 22:30:41 UTC 2017
> On 13 Apr 2017, at 10:08 am, Ryan Sleevi via Public <public at cabforum.org> wrote:
>
>
>
> On Thu, Apr 13, 2017 at 12:58 PM, Ben Wilson via Public <public at cabforum.org <mailto:public at cabforum.org>> wrote:
> I can do that for the longer names, but that takes time to implement and then for support in browsers to develop. I’ll look at our CABF OID tree and figure out how to branch out an OID arc for these two (commonName and organizationName). <>
>
> For what it's worth, we have no plans to support such newly-defined OIDs within our Certificate Processing code (and have recently begun deprecating support for commonName). It is correct that if CAs wish to use a longer organizationName, creating a new Attribute OID with a defined value without such an upper-bound is appropriate. However, as we do not afford special UI treatment to organizationally-validated certificates, nor do we have plans to do so, it would not be part of our development roadmap to afford any special treatment to this UI.
Presumably the new OID would be used for EV, too.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170413/e905ea78/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3321 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170413/e905ea78/attachment-0001.p7s>
More information about the Public
mailing list