Hi Gerv I am aware of this change, but it is still required that we should do this.
Mads -----Original Message----- From: Gervase Markham [mailto:[email protected]] Sent: 8. mai 2017 13:11 To: Mads Egil Henriksveen; CA/Browser Forum Public Discussion List Subject: Re: [cabfpub] Ballot 199 - Require commonName in Root and Intermediate Certificates On 08/05/17 10:37, Mads Egil Henriksveen wrote: > I support that CN is required in all certificates, but I don’t support > that we should require a unique CN across all CA certificates issued > by the issuing CA. We don't. That MUST was changed to a SHOULD. > As long as we issue a new certificate for the same CA entity (i.e. > with the same CA key and same validity), it is not obvious that we > should have to “change the name” of this entity. CN is a part of the > Subject field and thus a part of the name of the CA. See the discussion between Bruce and Ryan. :-) Gerv _______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
