On 5/02/2018 17:08, Hanno Böck wrote:
https://crt.sh/?id=308392091&opt=ocsp
It has:
Subject:
commonName = ftp.gavdi.pl
countryName = PL
This looks like a combination that's not allowed. Either it's domain
validated, in which case it should not have a countryName, or it should
contain other fields.
The BRs actually seem to allow this, which at least looks like a bug in
the BRs to me. It would be very handy that the OIDs from the BRs where
used to indicate which validation was used.
It has:
X509v3 Certificate Policies:
Policy: 1.2.616.1.113527.2.5.1.9.6.3
That OID doesn't seem to be documented in the CPS.
Kurt
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
