For several years it has been mandatory to include an OSCP URL in the AIA extension of TLS Server certificates, and Zlint approprietely includes a lint (e_sub_cert_aia_does_not_contain_ocsp_url) to check that such requirement is met.
The requirement was later removed, with the advent of CABF BRs 2.0, but that lint has not been updated since. This PR introduces a tiny change to that lint to prevent it from complaining about a missing OCSP URL in certificates issued after 9/15/2023.
For several years it has been mandatory to include an OSCP URL in the AIA extension of TLS Server certificates, and Zlint approprietely includes a lint (
e_sub_cert_aia_does_not_contain_ocsp_url) to check that such requirement is met.The requirement was later removed, with the advent of CABF BRs 2.0, but that lint has not been updated since. This PR introduces a tiny change to that lint to prevent it from complaining about a missing OCSP URL in certificates issued after 9/15/2023.