Re: [PATCH] objects: add EV subject OID names

Thu, 25 May 2017 10:06:00 -0700 

On Wednesday 17 May 2017 12:02:48 Kyle J. McKay wrote:
> The "EV SSL Certificate Guidelines" available from:
> 
>   https://cabforum.org/extended-validation/
> 
> defines three OIDs commonly seen in leaf certificates:
> 
>   jurisdictionLocalityName
>   1.3.6.1.4.1.311.60.2.1.1
> 
>   jurisdictionStateOrProvinceName
>   1.3.6.1.4.1.311.60.2.1.2
> 
>   jurisdictionCountryName
>   1.3.6.1.4.1.311.60.2.1.3
> 
> Add these OID names so that certificate subjects containing
> them display nicely.
> 
> Note that prior to version 1.4.6 of the EV Guidelines (which
> was adopted and effective on 2014-03-24) the OID names started
> with "jurisdictionOfIncorporation" instead of just "jurisdiction".
> 
> The newer, shorter, names are used here.
> 
> Signed-off-by: Kyle J. McKay <[email protected]>

Committed, thanks.

> ---
> 
> For those using the libressl-2.5.4.tar.gz distribution, an equivalent
> patch that updates the generated files instead can be found here:
> 
>   https://gist.github.com/60b6236458c8e318412b99069dca8ed0
> 
>  src/lib/libcrypto/objects/obj_mac.num | 3 +++
>  src/lib/libcrypto/objects/objects.txt | 6 ++++++
>  2 files changed, 9 insertions(+)
> 
> diff --git a/src/lib/libcrypto/objects/obj_mac.num
> b/src/lib/libcrypto/objects/obj_mac.num index d839b396..3214090a 100644
> --- a/src/lib/libcrypto/objects/obj_mac.num
> +++ b/src/lib/libcrypto/objects/obj_mac.num
> @@ -953,3 +953,6 @@ Ed25519           952
>  Ed448                953
>  Ed25519ph    954
>  Ed448ph              955
> +jurisdictionLocalityName     956
> +jurisdictionStateOrProvinceName      957
> +jurisdictionCountryName              958
> diff --git a/src/lib/libcrypto/objects/objects.txt
> b/src/lib/libcrypto/objects/objects.txt index 28d77218..6efabf7d 100644
> --- a/src/lib/libcrypto/objects/objects.txt
> +++ b/src/lib/libcrypto/objects/objects.txt
> @@ -830,6 +830,12 @@ Private 1                : enterprises           : 
> Enterprises
>  # RFC 2247
>  Enterprises 1466 344 : dcobject              : dcObject
> 
> +# Extended Validation
> +!Alias extendedValidation Enterprises 311 60
> +extendedValidation 2 1 1 :                   : jurisdictionLocalityName
> +extendedValidation 2 1 2 :                   : 
> jurisdictionStateOrProvinceName
> +extendedValidation 2 1 3 :                   : jurisdictionCountryName
> +
>  # RFC 1495
>  Mail 1                       : mime-mhs              : MIME MHS
>  mime-mhs 1           : mime-mhs-headings     : mime-mhs-headings
> ---

Reply via email to