naming all the certs used by the CA
Ladd, Watson
wladd at akamai.com
Mon May 15 17:03:11 UTC 2023
The place I would look is the WebPKI guidelines: both the CA/B forum documents, the Mozilla Root Inclusion documents, and the Certificate Practices Statements of CAs reputed to do it well. However I don't think anything covers how certs will get used.
Usually the CN will have an indication of the purpose. This strikes me as an easy way to keep everything straight, although the certs will be identified by sha256 hashes when exchanged.
Sincerely,
Watson Ladd
More information about the openssl-users
mailing list