CA/Communications: Difference between revisions

CA/Communications (view source)

No change in size , 12 November 2018

m

formatting update

136

edits

@@ Line 10: / Line 10: @@
 Section 7.1.4.2.1 of the BRs will add the following language that clarifies the existing requirement and adds a short time in which CAs must discontinue the use of underscore characters in dNSNames:
-=====
+-----
 Prior to April 1, 2019, certificates containing underscore characters (“_”) in domain labels in dNSName entries MAY be issued as follows:
 * dNSName entries MAY include underscore characters such that replacing all underscore characters with hyphen characters (“-“) would result in a valid domain label, and;
@@ Line 19: / Line 19: @@
 After April 30, 2019, underscore characters (“_”) MUST NOT be present in dNSName entries.
-=====
+-----
 This new language will go into effect on December 10, 2019 when the IPR review period for ballot SC12 [1] is completed. At that time, CAs must be prepared to stop issuing publicly-trusted TLS certificates containing the underscore character in any dNSName with validity periods of more than 30 days.