W3C home > Mailing lists > Public > public-wsc-wg@w3.org > January 2009

ACTION-517: Check EV expectations for subjectAltName

From: Mary Ellen Zurko <mzurko@us.ibm.com>
Date: Fri, 2 Jan 2009 14:21:54 -0500
To: yngve@opera.com
Cc: public-wsc-wg@w3.org
Message-ID: <OF09380F04.DF884D13-ON85257532.006A26E7-85257532.006A66B9@LocalDomain>
Can someone connect the dots for me on this? We have this comment in a LC 
response:

Section 5.1.2:

    If the certificate's Subject field does not have an
    Organization attribute, then user agents MUST NOT consider the
    certificate as an augmented assurance certificate, even if it
    chains up to an AA-qualified trust root. User agents MAY
    consider such a certificate as an ordinary validated certificate.

What happens if a certificate's Subject field is empty, but the
SubjectAltName extension is marked critical and the subject's
identity is specified in the SAN field?  All things being equal
(i.e., an OID marks the certificate), would such a certificate be
considered trusted?

Which generated this action and response from Yngve: 
http://lists.w3.org/Archives/Public/public-wsc-wg/2008Oct/0019.html

So, what is the answer to the (second) question? Is it "yes"? 
Received on Friday, 2 January 2009 19:22:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 2 January 2009 19:22:51 GMT