[Servercert-wg] Publicly trusted PSD2 EV Certificate

Tim Hollebeek tim.hollebeek at digicert.com
Wed May 29 11:12:19 MST 2019


 

Just a reminder that until Ballot SC17 clears its IPR review period, it
still isn't legal to issue publicly-trusted EV certificates with
OrganizationIdentifier in the SubjectDN, as this violates the EV Guidelines
as currently written.

 

Also, it is never acceptable to issue non-compliant test certificates off of
public roots.

 

The following certificate appears to be misissued:

 

https://censys.io/certificates/77754817eced33241b540d6ef3db4f1a3c0529f2646fa
d1d0e87c0ab6585e2f8

 

It was issued way back in March.

 

Also, ANF's CPS does not appear to be compliant with section 1.5.2 of the
Baseline Requirements, as it does not contain a mechanism for contacting the
persons responsible for the operation of the CA.

 

-Tim

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190529/518ac00c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4940 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190529/518ac00c/attachment.p7s>


More information about the Servercert-wg mailing list