github-actions[bot]
commented
3 months ago This issue was created based on:
- TLS BR Version 2.0.5
- EVG Version 2.0.1
Closed mtgag closed 3 months ago
github-actions[bot]
commented
3 months ago This issue was created based on:
CBonnell
commented
3 months ago This was recently discussed on the servercert-wg mailing list. See: https://lists.cabforum.org/pipermail/servercert-wg/2024-April/004462.html.
tl;dr Using HTTPS is a violation.
mtgag
commented
3 months ago This was recently discussed on the servercert-wg mailing list. See: https://lists.cabforum.org/pipermail/servercert-wg/2024-April/004462.html.
tl;dr Using HTTPS is a violation.
Thank you. I will update the PR soon.
Section 7.1.2.7.7 Subscriber Certificate Authority Information Access states: "A HTTP URL of the Issuing CA’s certificate."
I am about to implement a lint for zlint and there was a discussion in the issue (see https://github.com/zmap/zlint/pull/852), whether an https URL is an allowed URL to place the Issuing CA’s certificate. Would an https URL in a certificate be a violation of the BR requirements? I would be grateful if you could clarify this to align implementation with the requirements.