Hello, I've been doing some scanning on a few million pages and consistently see the policy OIDs for DV, IV, OV, QWAC in the scopes of ETSI, CA/B or others.
The certificate found on the site "https://ettoday.net"; I can't determine the assurance policy. Example certificate: Subject: CN=*.ettoday.net,OU=RD,O=ET New Media Holding Co.\, Ltd.,L=Taipei,ST=Taiwan,C=TW Issuer: CN=TWCA Secure SSL Certification Authority,OU=Secure SSL Sub-CA,O=TAIWAN-CA,C=TW Serial number: 95559031384477517871019103745820225456 The only policy OID set is: 1.3.6.1.4.1.40869.1.1.25 ['www.twca.com.tw'] How should I qualify this certificate? Or is this a misissuance? A clarification would be great on how to determine this. The OID is also not part of this quite complete list of policy OIDs https://github.com/zmap/constants Your guidance would be appreciated. Kind regards, Oscar Koeroo -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/f79c9a95-b07a-4f04-8a23-e228cd8f43ean%40mozilla.org.
