- From: Hallam-Baker, Phillip <pbaker@verisign.com>
- Date: Mon, 16 Apr 2007 09:58:46 -0700
- To: "Hallam-Baker, Phillip" <pbaker@verisign.com>, <public-wsc-wg@w3.org>
Received on Monday, 16 April 2007 16:59:08 UTC
Once more with the right subject line The latest version of the guidelines is at: http://www.cabforum.org/EV_Certificate_Guidelines.pdf The actual profile requirements are in part D, sections 6 through 8. Section 6 essentially states that particular OIDs must be used for the subject and issuer identifier DN arcs. These appear to be taken from PKIX. Section 7 states where the policy OIDs should be placed. Section 8 gives maximum lifespan requirements, interestingly this is a SHOULD not a MUST. Additional technical details are in Appendices A and B. Appendix A is motherhood/Apple pie statements on key lengths. Most important thing here is that the transition to 2048 bits is mandated by the end of 2010. Appendix B is a profile on X.509v3 and PKIX (RFC 3280).
Received on Monday, 16 April 2007 16:59:08 UTC