Thanks, I knew it had to be there somewhere. From: Public [mailto:[email protected]] On Behalf Of Adriano Santoni via Public Sent: Wednesday, May 10, 2017 8:43 AM To: [email protected] Cc: Adriano Santoni <[email protected]> Subject: Re: [cabfpub] Is CN value required in the SAN?
Excerpt from the BRs: 7.1.4.2.2. Subject Distinguished Name Fields a. Certificate Field: subject:commonName (OID 2.5.4.3) Required/Optional: Deprecated (Discouraged, but not prohibited) Contents: If present, this field MUST contain a single IP address or Fully‐Qualified Domain Name that is one of the values contained in the Certificate’s subjectAltName extension (see Section 7.1.4.2.1). Il 10/05/2017 14:36, Doug Beattie via Public ha scritto: In reading the BRs, I see the requirement that the SAN must contain at least one value (7.1.4.2.1), but I can’t find a reference that the value in the CN needs to be in the SAN. Am I missing that link somewhere, or can the value in the CN be omitted from the SAN? With Chrome depreciating use of CN, CAs will certainly want to include the value in the SAN, but is there a BR requirement that the CN value must be in the SAN? _______________________________________________ Public mailing list [email protected]<mailto:[email protected]> https://cabforum.org/mailman/listinfo/public -- Cordiali saluti, Adriano Santoni ACTALIS S.p.A. (Aruba Group)
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
