RFC5280 was not written by the CAs themselves.
The deprecation of CNs in favor of elements found in the SAN extension
is logical and comes from CAs as well as browser vendors; CN use has
been abused to contain names (human readable), IP addresses, and host
names (either simple or fully
Hi Erwann,
On Thu, Feb 14, 2013 at 11:09:23AM +0100, Erwann Abalea wrote:
RFC5280 was not written by the CAs themselves.
Some of them are listed in the authorship; they also reference 5280 and other
PKI RFCs in their standards they created as part of the CAB Forum and the
Webtrust auditing