This lint verifies that the Subject field of the certificate does not contain more than one instance of a given
AttributeTypeAndValue across all RelativeDistinguishedNames (with a few exceptions), as per the CABF BRs (section 7.1.4.1). This was not expressly prohibited in the past, and numerous TLS certificates were issued (several years ago) with this weird feature as can be seen in TestCorpus, but it was then banned in CABF BRs v2.0.0.
This lint doesn't care about multi-valued RDNs, despite this being forbidden, as multi-valued RDNs are another lint's business.
I don't think it's very useful to have a similar lint that does the same check on the Issuer field, but I am open to discussion.
This lint verifies that the Subject field of the certificate does not contain more than one instance of a given AttributeTypeAndValue across all RelativeDistinguishedNames (with a few exceptions), as per the CABF BRs (section 7.1.4.1). This was not expressly prohibited in the past, and numerous TLS certificates were issued (several years ago) with this weird feature as can be seen in TestCorpus, but it was then banned in CABF BRs v2.0.0.
This lint doesn't care about multi-valued RDNs, despite this being forbidden, as multi-valued RDNs are another lint's business.
I don't think it's very useful to have a similar lint that does the same check on the Issuer field, but I am open to discussion.