On 8/14/19 3:26 PM, Salz, Rich wrote:
RFC 8002 (with a null subjectName), but a CA cert MUST have a non-empty
subjectName.
Non-empty subjectName or non-empty commonName within the subject name?
Shrug. Doesn't matter, I guess. Just populate it with the string version of
the HIT name, something like
CN=IP Address 2001:27:dcfc:cb8:d53g:5364:48bj
?
That is what I am coming to see. Always 'nice' to follow existing
practice. But given now, set the precedence!
My searches today have come up empty.
I tried crt.sh and also came up empty; https://crt.sh/?CAName=%25%3A%25 This is not surprising since I would not expect any public CA's to have this kind of thing.
