> > On Mon, Oct 8, 2018 at 4:06 PM Nick Lamb via dev-security-policy < > [email protected]> wrote: > >> On Mon, 8 Oct 2018 03:43:53 -0700 (PDT) >> "piotr.grabowski--- via dev-security-policy" >> <[email protected]> wrote: >> >> > We have by the way question about error: ERROR: The 'Organization >> > Name' field of the subject MUST be less than 64 characters. According >> > to https://www.ietf.org/rfc/rfc5280.txt and the note from this RFC >> > 'ub-organization-name INTEGER ::= 64. For UTF8String or >> > UniversalString at least four times the upper bound should be >> > allowed. So what is the max length of this field for UTF8String? >> >> As I understand it: >> >> Although the word "character" is vague and should generally be avoided >> in modern technical documents, in this context it seems to refer to a >> Unicode code point. And "at least four times" is referring to the prior >> lines of the RFC which explain that you will need more than one octet >> (byte) to represent some of these characters - this is important for >> resource constrained implementations. >> > > There is no need to speculate based on context, because the RFC uses > precise and well-defined language. > > X520OrganizationName is defined precisely using ASN.1 size semantics. > > These semantics are specified in X.680 47.5.4, including the full > explanation as to what the 'max length' of this field should be seen as. > It's unambiguous. > > The encoding representation is then subject to the rules of X.690 8.21.10 > _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
Re: 46 certificates issued with BR violations
Ryan Sleevi via dev-security-policy Mon, 08 Oct 2018 17:35:24 -0700
- 46 certificates issued with BR ... piotr.grabowski--- via dev-security-policy
- Re: 46 certificates issued... Nick Lamb via dev-security-policy
- Re: 46 certificates is... Ryan Sleevi via dev-security-policy

