Section 7.1.2.10.5 (CA Certificate Certificate Policies) states:
_This Profile RECOMMENDS that the first PolicyInformation value within the Certificate Policies extension contains the Reserved Certificate Policy Identifier (see 7.1.6.1)3. Regardless of the order of PolicyInformation values, the Certificate Policies extension MUST contain exactly one Reserved Certificate Policy Identifier._
It makes sense that this only applies to the "Policy Restricted" table. however the language uses "This Profile", where no direct profile is mentioned. If this language would be applicable for the entire section, then the "anyPolicy" cannot be used, as it is not a Reserved Certificate Policy Identifier.
Suggest we in a cleanup ballot clearly clarify it applies to the second table only
Section 7.1.2.10.5 (CA Certificate Certificate Policies) states:
_This Profile RECOMMENDS that the first PolicyInformation value within the Certificate Policies extension contains the Reserved Certificate Policy Identifier (see 7.1.6.1)3. Regardless of the order of PolicyInformation values, the Certificate Policies extension MUST contain exactly one Reserved Certificate Policy Identifier._
It makes sense that this only applies to the "Policy Restricted" table. however the language uses "This Profile", where no direct profile is mentioned. If this language would be applicable for the entire section, then the "anyPolicy" cannot be used, as it is not a Reserved Certificate Policy Identifier.
Suggest we in a cleanup ballot clearly clarify it applies to the second table only