Section of the BRs will add the following language, which clarifies the existing requirement and sets a short period within which CAs must discontinue the use of underscore characters in dNSNames:
Prior to April 1, 2019, certificates containing underscore characters (“_”) in domain labels in dNSName entries MAY be issued as follows:
* dNSName entries MAY include underscore characters such that replacing all underscore characters with hyphen characters (“-”) would result in a valid domain label, and;
After April 30, 2019, underscore characters (“_”) MUST NOT be present in dNSName entries.
This new language will go into effect on December 10, 2019 when the IPR review period for ballot SC12 [1] is completed. At that time, CAs must be prepared to stop issuing publicly-trusted TLS certificates containing the underscore character in any dNSName with validity periods of more than 30 days.
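A pre-issuance check for the rule quoted above, as an added example (not code from the CA/Browser Forum or from any CA). It assumes "valid domain label" means an RFC 1034/1123 LDH label, treats any issuance on or after April 1, 2019 with an underscore as outside the permission, and skips a leading wildcard label; the function and constant names are hypothetical.

```python
import re
from datetime import date, timedelta

# Assumption: "valid domain label" = LDH label (letters, digits, hyphen;
# 1-63 characters; no leading or trailing hyphen).
LDH_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")
PERMISSION_ENDS = date(2019, 4, 1)   # "Prior to April 1, 2019"
MAX_VALIDITY = timedelta(days=30)    # "validity periods of more than 30 days"


def check_dnsname(name, not_before, not_after):
    """Return a list of findings for one dNSName entry; empty means it passes."""
    findings = []
    labels = name.rstrip(".").split(".")
    if labels[0] == "*":
        labels = labels[1:]          # assumption: wildcard label is out of scope here
    for label in labels:
        # The page's test: swap every underscore for a hyphen, then validate.
        if not LDH_LABEL.fullmatch(label.replace("_", "-")):
            findings.append(f"label {label!r} is not valid after '_' -> '-'")
    if any("_" in label for label in labels):
        if not_before >= PERMISSION_ENDS:
            findings.append("underscore in certificate issued on or after 2019-04-01")
        if not_after - not_before > MAX_VALIDITY:
            findings.append("underscore with validity period over 30 days")
    return findings


if __name__ == "__main__":
    # Constructed sample entries: (dNSName, notBefore, notAfter)
    samples = [
        ("dev_api.example.com", date(2019, 1, 10), date(2019, 2, 5)),
        ("_dmarc.example.com", date(2019, 1, 10), date(2019, 2, 5)),
        ("dev_api.example.com", date(2019, 1, 10), date(2020, 1, 10)),
        ("dev_api.example.com", date(2019, 5, 2), date(2019, 5, 20)),
    ]
    for name, nb, na in samples:
        print(name, nb, na, check_dnsname(name, nb, na) or "OK")
```

A label such as `_dmarc` fails even inside the permitted window, because the substituted form `-dmarc` starts with a hyphen and is not a valid label.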

