On Tue, Jan 24, 2017 at 12:28 AM, Inigo Barreira <[email protected]> wrote: > Yes, I´m also agree. This was also taken into account when writting the ETSI > standards, and for the CA certs, the minumun is what Peter has indicated > plus the common name. We indicate that "... shall contain at least the > following attributes ....": countryName, organizationName and commonName > according to ITU-T X.520
I think it would be completely reasonable for Mozilla to require a commonName in an update to the policy. I thought it was there, but a CA pushed back on a cablint error about not having one a while ago and I wasn't able to find any proof it was required by any existing program policy. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
