On 19/08/14 19:59, Ben Laurie wrote:
On 19 August 2014 11:36, Stephen Kent <[email protected]> wrote:
<snip>
In Section 7.2, there is another reference to EV certs, in the context of wildcard use. In that instance the RFC suggests that the guidelines published in 2009 allowed wildcards, whereas the RFC argued against their use except in one specific location.
I agree that the last sentence of RFC6125 section 7.2 does seem to imply that EV Guidelines v1.2 permits wildcards. This implication is incorrect.
It would be interesting to know if this is why EV now disallows wildcards.
It isn't. The EV Guidelines have never permitted wildcards. CABForum made that decision that all by itself.
EV Guidelines v1.0, published 2007, says "Wildcard certificates are not allowed for EV certificates". v1.2, cited by RFC6125, says the same thing. The current version, v1.4.5, says it twice!
EV Guidelines v1.0 predated the CERTID non-WG (which produced RFC6125) by several years.
-- Rob Stradling Senior Research & Development Scientist COMODO - Creating Trust Online _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
