zmap / zlint

X.509 Certificate Linter focused on Web PKI standards and requirements.
https://zmap.io
Apache License 2.0

Bug in lint for BR 7.1.4.2.2a mailbox-validated #844

Closed by robstradling 6 months ago

robstradling commented 6 months ago

The lint added in PR #806 (https://github.com/zmap/zlint/commit/7c899eaaaa534b10489f457ffbea808235d4fc71) incorrectly handles the case where Subject:commonName is not present in a Mailbox Validation S/MIME certificate.

When there is no Subject:commonName in a certificate, Subject.CommonName in the z509 Certificate object is an empty string. The bug is that the e_commonname_mailbox_validated lint is passing this empty string to util.IsMailboxAddress instead of ignoring it, resulting in a false positive error.

This bug blocks Sectigo from upgrading to ZLint v3.6.2.
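The failure mode reported above, reproduced as an added example that is not part of the original issue and is not zlint's code. Assumptions: the standard library's `crypto/x509/pkix` stands in for the zcrypto types, `isMailboxAddress` is a stand-in for `util.IsMailboxAddress`, and `passesBuggy`, `passesFixed`, `subject`, `cn` and `email` are hypothetical names with constructed sample values.

```go
package main

import (
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"net/mail"
)

// Stand-in for zlint's util.IsMailboxAddress (assumption: the real helper's
// rules may differ). Accepts only a bare addr-spec such as alice@example.com.
func isMailboxAddress(s string) bool {
	a, err := mail.ParseAddress(s)
	return err == nil && a.Name == "" && a.Address == s
}

// Helpers that build constructed subject attributes (commonName, emailAddress).
func cn(v string) pkix.AttributeTypeAndValue {
	return pkix.AttributeTypeAndValue{Type: asn1.ObjectIdentifier{2, 5, 4, 3}, Value: v}
}
func email(v string) pkix.AttributeTypeAndValue {
	return pkix.AttributeTypeAndValue{Type: asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 1}, Value: v}
}

// subject fills a pkix.Name from an RDNSequence, as certificate parsing does.
// With no commonName attribute, CommonName stays "" (the string zero value).
func subject(attrs ...pkix.AttributeTypeAndValue) pkix.Name {
	var rdns pkix.RDNSequence
	for _, a := range attrs {
		rdns = append(rdns, pkix.RelativeDistinguishedNameSET{a})
	}
	var n pkix.Name
	n.FillFromRDNSequence(&rdns)
	return n
}

// passesBuggy mirrors the behaviour reported in the issue: "" is validated.
func passesBuggy(n pkix.Name) bool { return isMailboxAddress(n.CommonName) }

// passesFixed skips the check when commonName is absent.
func passesFixed(n pkix.Name) bool {
	return n.CommonName == "" || isMailboxAddress(n.CommonName)
}

func main() {
	for _, s := range []pkix.Name{subject(email("alice@example.com")),
		subject(cn("alice@example.com")), subject(cn("Alice Example"))} {
		fmt.Printf("CN=%q buggy=%v fixed=%v\n", s.CommonName, passesBuggy(s), passesFixed(s))
	}
}
```

Because the parsed field is a plain string, a guard on `""` cannot tell an absent commonName from one that is present but empty; distinguishing the two requires inspecting the raw subject attributes.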