[cabfpub] Ballot 199 - Require commonName in Root and Intermediate Certificates
Gervase Markham
gerv at mozilla.org
Thu Apr 27 16:28:43 UTC 2017
Following discussion on the call today, there is a minor edit to this
ballot:
On 25/04/17 16:03, Gervase Markham wrote:
> 7.1.4.3.1 Subject Distinguished Name Fields
>
> Certificate Field: subject:commonName (OID 2.5.4.3)
> Required/Optional: Required
> Contents: This field MUST be present and the contents MUST be an identifier
--> change the second MUST to a SHOULD. (Which means this should be
normal practice, but you can do something different if you have a good
reason and know what you are doing.) Later, this may be replaced (in
another ballot) with a MUST plus a set of known sensible use case
exceptions.
> for the certificate such that the certificate's Name is unique across all
> certificates issued by the issuing certificate.
Gerv
More information about the Public
mailing list