On Mon, 6 Jul 2020 19:22:22 +0200
Matthias van de Meent via dev-security-policy
wrote:
> I notice that a lot of Subscriber Certificates contain https-based
> URLs (e.g. PKIOverheid/KPN, Sectigo, DigiCert), and that other
> http-based urls redirect directly to an https-based website (e.g.
>
On Mon, 6 Jul 2020 at 19:30, Ryan Sleevi wrote:
>
> On Mon, Jul 6, 2020 at 1:22 PM Matthias van de Meent via dev-security-policy
> wrote:
>>
>> ...
>>
>> 1.) What was the reasoning behind not (also / specifically) allowing
>> an HTTPS url? Was there specific reasoning reasoning?
>
>
> Nope, no
On Mon, Jul 6, 2020 at 1:22 PM Matthias van de Meent via
dev-security-policy wrote:
> Hi,
>
> As per BR v1.7.0, section 7.1.2.3, a Subscriber Certificate MAY
> include `certificatePolicies:policyQualifiers:qualifier:cPSuri`, which
> must then contain:
>
> > HTTP URL for the Subordinate CA's
3 matches
Mail list logo