I think this is listed as an issue in GitHub - https://github.com/cabforum/servercert/issues/444.
On Thu, Jan 4, 2024 at 4:54 AM Dimitris Zacharopoulos (HARICA) via Servercert-wg <servercert-wg@cabforum.org> wrote: > Dear Members, > > While taking another pass at reviewing the new certificate profiles > introduced in ballot SC62, I realized that there is some deviation from the > RFC 3647 structure that the BRs should maintain to help alignment of CA > CP/CPS documents. > > This is the structure defined by RFC 3647 for section 7: > > 7. CERTIFICATE, CRL, AND OCSP PROFILES > 7.1 Certificate profile > 7.1.1 Version number(s) > 7.1.2 Certificate extensions > 7.1.3 Algorithm object identifiers > 7.1.4 Name forms > 7.1.5 Name constraints > 7.1.6 Certificate policy object identifier > 7.1.7 Usage of Policy Constraints extension > 7.1.8 Policy qualifiers syntax and semantics > 7.1.9 Processing semantics for the critical Certificate Policies > > > Section 7.1.5 does not exist anymore. The BRs have the name constraints > information in 7.1.2.5.2, 7.1.2.10.8. I believe that, at a minimum, we > should re-introduce 7.1.5 and point to other subsections of 7.1.2 for > consistency with RFC 3647. > > Thoughts? > Dimitris. > > _______________________________________________ > Servercert-wg mailing list > Servercert-wg@cabforum.org > https://lists.cabforum.org/mailman/listinfo/servercert-wg >
_______________________________________________ Servercert-wg mailing list Servercert-wg@cabforum.org https://lists.cabforum.org/mailman/listinfo/servercert-wg
