On Thursday, March 10, 2016 at 11:07:51 PM UTC-8, Jakob Bohm wrote:
> - DNS name (for https?) in CN, but not repeated as a SAN (as per PKIX).
Not PKIX. It's the Baseline Requirements.
> - SAN present but does not include the server name from the CN, this
> might make some PKIX-based clients
On 2016-03-11 15:33, Jakob Bohm wrote:
On 11/03/2016 09:55, Kurt Roeckx wrote:
On 2016-03-11 01:14, Jakob Bohm wrote:
- Non-PrintableString/UTF8String in DNs. Workaround to be removed in
Bug #[TBD].
Does this also apply to "pure ASCII" fields such as country ("C=US")
etc.? Some of those
On 11/03/2016 09:55, Kurt Roeckx wrote:
On 2016-03-11 01:14, Jakob Bohm wrote:
- Non-PrintableString/UTF8String in DNs. Workaround to be removed in
Bug #[TBD].
Does this also apply to "pure ASCII" fields such as country ("C=US")
etc.? Some of those were historically constrained to one of
El viernes, 15 de enero de 2016, 13:42:41 (UTC+1), raf...@gmail.com escribió:
> Hi all.
>
> We have developed a solution plan for this issues.
>
> We are going to audit in-scope CAs. Finally our FNMT-RCM CAs hierarchy audit
> scheme will be as follows:
>
> + AC RAIZ FNMT-RCM
>+ AC
On 2016-03-11 01:14, Jakob Bohm wrote:
- Non-PrintableString/UTF8String in DNs. Workaround to be removed in
Bug #[TBD].
Does this also apply to "pure ASCII" fields such as country ("C=US")
etc.? Some of those were historically constrained to one of the
lesser ASN.1 string types.
I think C
5 matches
Mail list logo