The common name of the Let's Encrypt R3 intermediate certificate (
https://crt.sh/?id=3479778542) is in my opinion short and ambiguous. It
doesn't have any information in common name that can identify the operator
of the CA "Let's Encrypt" which can cause confusion who is running the CA.

The intermediate certificate common name "R3" naming shouldn't be allowed.
It's like the past root store naming that had ambiguous naming such as
"Root CA".

If such common name naming was adopted by other CAs it would terrible to
manage certificate stores and cause chaos of confusion.

Burton
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to