-
Notifications
You must be signed in to change notification settings - Fork 110
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add lint for EV Guidelines section 9.7.3 #815
base: master
Are you sure you want to change the base?
Conversation
This checks that EV certificates contain a CPS URI policy qualifier
Effective April 10, 2008
} | ||
|
||
if !util.HasValidTLD(cps.Hostname(), time.Now()) { | ||
return &lint.LintResult{Status: lint.Error} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably fill the details here too
@mcpherrinm can you fix the failing test (looks like counts changed given logic change)? Once that's resolved, we can merge. |
Yep, will take a look soon. Busy with RWC this week :) |
Sounds good! Hope RWC is fun! Bummed I'm missing out this year. |
LintMetadata: lint.LintMetadata{ | ||
Name: "e_ev_certificate_policies", | ||
Description: "EV Certificates issued to Subscribers MUST include a CPS URI policy qualifier", | ||
Citation: "CA/Browser Forum EV Guidelines v1.8.1, Sec. 9.7.3", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this has now changed to 7.1.4.3: https://github.com/cabforum/servercert/blob/main/docs/EVG.md#7143-additional-technical-requirements-for-ev-certificates
This looks like it's been open for a while modulo a test. @mcpherrinm any chance you'd be willing to look at the failing test? |
Sorry, totally forgot about this PR. I'll take a look at that test shortly. |
This checks that EV certificates contain a CPS URI policy qualifier.
The CPS URI should be a public HTTP URI.
This requirement was included explicitly in the EV guidelines version 1.2, effective April 10, 2008