Hi everyone, I tried to dive into the best certificate structure and there are two things that bother me:
In both the CA\B F BR and the EV guidelines it clearly states that the SubjectCN is deprecated, so I learn from that that the best subscriber certificate structure would simply not include this field I did a small survey and I couldn’t find not even one certificate without the SubjectCN - so my question is: should we issue certificates without this field? why doesn’t any other CA has removed this field? In addition - the CertificatePolicies extension: It says in the BR and the EV guidelines that this extension MUST appear at a subscriber certificate yet I failed to find this extension in any EV certificate I checked... am I missing something? I would appreciate your input on those matters. Thanks Yair _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
