On Thu, Oct 12, 2017 at 3:54 PM, Andrew R. Whalley via dev-security-policy <[email protected]> wrote: > I have reviewed SSLcom_CP_CPS_Version_1_2_1 and made the following notes: > > 1.3.2.1 > > "may contractually authorize the Subject of a specified Valid EV > Certificate to perform the RA function and authorize SSL.com to issue > additional EV Certificates at *third and higher domain levels* that are > contained within the domain of the original EV Certificate" > > This assumes the number of labels in domains appearing in the Public Suffix > List, which is inadvisable.
This is taken directly from the EV Guidelines section 14.2.2. The EVGs don't use the PSL, they specify third or higher. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
