[Servercert-wg] Ballot SC27: Version 3 Onion Certificates
Tobias S. Josefowitz
tobij at opera.com
Mon Jan 27 08:19:15 MST 2020
Hi!
On Fri, 24 Jan 2020, Wayne Thayer via Servercert-wg wrote:
> This ballot will permit CAs to issue DV and OV certificates containing Tor
> onion addresses using the newer version 3 naming format.
>
> https://github.com/cabforum/documents/compare/16a5a9bb78a193266f8d1465de1ee5a1acf5d184..fded04ad7f0390931d38af225bea46a4742fb631
Just a thought; is requiring all FQDNs present in the cert to be verified
in accordance with Appendix 3 as soon as one FQDN present in the cert is a
".onion"-FQDN the best and/or most clear way of saying "a certificate
including so much as one '.onion'-FQDN may only include '.onion'-FQDNs"?
Tobi
More information about the Servercert-wg
mailing list