The CA / B Forum clarified the use of the Subject field attributes in SSL certificates

A few days ago, CA / B Forum, the SSL industry regulator, adopted Ballot SC16 by a majority of votes to clarify the use of the Subject field attributes in SSL certificates.

What does Ballot SC16 include?

Section 7.1.4.2 of the Baseline Requirements now adds a clarification: Subject attributes should not consist of metadata (you cannot use only single symbols such as a full stop, a hyphen or a space) as a value. Any indication that the value is missing, incomplete or not applicable is not acceptable.

Section 7.1.4.2.2 (j.) was supplemented with the following clarification: Other attributes may be present in the Subject field. If they are specified, they must contain information verified by a certification authority.

Ballot SC16 also changes the rules of the “Guidelines For The Issuance And Management Of Extended Validation Certificates”.

Section 9.2.8 now contains the following clarification:

The OU attribute should not contain the name, trademark, address, location or any other data relating to a specific individual or legal entity until the certification authority checks this information in accordance with section 11. This field should not contain metadata, including the period, hyphen or space; you cannot use any other indication that the value is missing, incomplete or not applicable.

Also section 9.2.9 was added, which states:

«The certification authority can add only those attributes of the Subject that are specified in section 9.2».

Sign up for our newsletter to stay up to date with the latest news from the world of SSL and online security.