There is no single OID for Extended Validation. The members of CA/Browser
Forum (CABF) define their own, and then petition the browsers for EV
acceptance. The browsers then add the root certificate to their internal
EV tables, along with the OID they use for EV.
Since OpenSSL does not include ro
> I'm building an iOS application and trying to check if a certificate,
that a https-connection uses, is a EV certificate.
Why?
Wikipedia notes "The primary way to identify an EV certificate is by
referencing the Certificate Policies extension field. Each issuer uses a
different object identifier
Ø X509_get_ext_d2i(certificateX509, NID_certificate_policies, NULL, NULL)
Ø which returns some data depending of the NID provided. Since it is a
void-pointer, I don't know, which data type it returns.
According to x509v3/pcy_cache.c, it returns a pointer to CERTIFICATEPOLICIES.
According to