Closed mozkeeler closed 8 years ago
I think that this is left from the old screwy definition of issuer name contents in the BRs from pre-1.2.4. The Microsoft root program requires Root CAs to have commonName but I don't see anything on non-root CA certificates.
OK - thanks. For the Mozilla tool that uses certlint for new CA applicants, I'm thinking of making this error informational, since it doesn't apply to inclusion into our program.
Sections 7.1.2.1 and 7.1.2.2 of the BRs (v1.3.2) only mention that countryName and organizationName are required - am I missing something?
(See https://github.com/awslabs/certlint/blob/03521349a453a60072209d576c7539c6d6d43cf7/lib/certlint/cablint.rb#L133 )