On Mon, May 11, 2020 at 02:50:19PM +, Corey Bonnell via dev-security-policy
wrote:
> > * Are there rules that CAs must adhere to in regards to referencing the
> > intermediate in the AIA field? Does it need to be available? Does it
> > need to be there at all?
>
> It's optional
> * Are there rules that CAs must adhere to in regards to referencing the
> intermediate in the AIA field? Does it need to be available? Does it
> need to be there at all?
It's optional (SHOULD-level), as Baseline Requirements 7.1.2.3 (c) [1] states:
It (AIA extension) SHOULD also
Hi,
I have been doing some checks on certificates with the AIA Issuers
field. I already reported certificates with a 403 error on the HTTP url
of the intermediate (see earlier mail).
Now there's more stuff to be found and I'm wondering:
* Are there rules that CAs must adhere to in regards to
3 matches
Mail list logo
