It depends on the CA in question, more so on the number of the attributes that
are included, and of course on the set of users. ;-)
So far I assure you I've no concern for pitchforks. ;-)
Regards,
Uri
P.S. Why do you think validating, e.g., three email addresses is any more
difficult than one?
On 04/27/2017 04:09 PM, openssl-users-requ...@openssl.org digested:
> From: "Blumenthal, Uri - 0553 - MITLL"
>
> You do not "revoke" a subset of attributes aka SAN emails. When any of
> the certified attributes changes (i.e., is certification no longer valid),
> the certificate is revoked and (po
You do not "revoke" a subset of attributes aka SAN emails. When any of the
certified attributes changes (i.e., is certification no longer valid), the
certificate is revoked and (possibly) re-issued. The process is no different
than with any other set of attributes, several of which may be owned/
On 04/26/2017 07:13 PM, Viktor Dukhovni was digested as writing:
> On Apr 26, 2017, at 1:03 PM, Blumenthal, Uri - 0553 - MITLL
> wrote:
>> It?s been my understanding that a cert can contain as many SAN attributes as
>> needed,
>> but it appears that Apple believes it has to be only one (because
On Wed, Apr 26, 2017 at 1:03 PM, Blumenthal, Uri - 0553 - MITLL
wrote:
> A naïve question. A certificate that contains SAN attribute(s) – is there a
> limit on how many, say, RFC822 SAN attributes can a valid certificate have?
>
>
>
> It’s been my understanding that a cert can contain as many SAN
confirmed, i've seen dozens on one cert - far more preferable to do
that and have such numbers than a single wildcard cert (which has
issues on all sorts of platforms
for various purposes).
alan
On 26 April 2017 at 18:24, Blumenthal, Uri - 0553 - MITLL
wrote:
> > It’s been my understanding t
> It’s been my understanding that a cert can contain as many SAN attributes
as needed,
> but it appears that Apple believes it has to be only one (because
certificates with
> more than one are not processed properly).
Perhaps CAs have rarely issued email certificates with mul
> On Apr 26, 2017, at 1:03 PM, Blumenthal, Uri - 0553 - MITLL
> wrote:
>
> A naïve question. A certificate that contains SAN attribute(s) – is there a
> limit
> on how many, say, RFC822 SAN attributes can a valid certificate have?
None of the standard SAN types (DNS, Email, IP, ...) are limit
> A naïve question. A certificate that contains SAN attribute(s) – is there a
> limit on how many, say, RFC822 SAN attributes can a valid certificate have?
No.
> It’s been my understanding that a cert can contain as many SAN attributes as
> needed, but it appears that Apple believes it has to
A naïve question. A certificate that contains SAN attribute(s) – is there a
limit on how many, say, RFC822 SAN attributes can a valid certificate have?
It’s been my understanding that a cert can contain as many SAN attributes as
needed, but it appears that Apple believes it has to be only on
10 matches
Mail list logo