naming all the certs used by the CA

Ladd, Watson wladd at akamai.com
Mon May 15 17:03:11 UTC 2023


The place I would look is the WebPKI guidelines: both the CA/B forum documents, the Mozilla Root Inclusion documents, and the Certificate Practices Statements of CAs reputed to do it well. However I don't think anything covers how certs will get used.

Usually the CN will have an indication of the purpose. This strikes me as an easy way to keep everything straight, although the certs will be identified by sha256 hashes when exchanged.

Sincerely,
Watson Ladd


More information about the openssl-users mailing list