Skip to content

Add lint to check for a valid Registration Scheme in the Subject.organizationIdentifier of EV certificates#901

Merged
christopher-henderson merged 36 commits intozmap:masterfrom
defacto64:invalid_org_reg_scheme
Dec 10, 2024
Merged

Add lint to check for a valid Registration Scheme in the Subject.organizationIdentifier of EV certificates#901
christopher-henderson merged 36 commits intozmap:masterfrom
defacto64:invalid_org_reg_scheme

Conversation

@defacto64
Copy link
Copy Markdown
Contributor

@defacto64 defacto64 commented Dec 1, 2024

This lint verifies that the organizationIdentifier Subject attribute in an EV certificate, if present, meets the requirement that...

Registration Schemes listed in Appendix H are currently recognized as valid under these guidelines.

This requirement was first introduced in section 9.2.8 of EVGL 1.7.0 and subsequently moved to section 7.1.4.2 when the EVGL were restructured.

Appendix H only allows three registration schemes: VAT, NTR, PSD. If the actual registration scheme found in the organizationIdentifier attribute is not one of those, this lint returns an Error.

Note: There are no such cases in the Zlint test corpus, however a search on Censys shows that some cases do exist.

defacto64 and others added 30 commits March 8, 2024 16:07
@defacto64
Add files via upload
0d4a7d5
@defacto64
Add files via upload
9ae1760
@defacto64
Add files via upload
c66f6f6
@defacto64
Add files via upload
3bd2334
@defacto64
Update lint_invalid_subject_rdn_order_test.go
95e89c8 
Added //nolint:all to comment block to avoid golangci-lint to complain about duplicate words in comment
@defacto64
Update lint_invalid_subject_rdn_order.go
7230486 
Fixed import block
@christopher-henderson
Merge branch 'master' into master
983a0df
@defacto64 @christopher-henderson
Update v3/lints/cabf_br/lint_invalid_subject_rdn_order.go
36682ed 
Fine to me.

Co-authored-by: Christopher Henderson <[email protected]>
@defacto64
Update lint_invalid_subject_rdn_order.go
fc81ece 
As per Chris Henderson's suggestion, to "improve readability".
@defacto64
Update lint_invalid_subject_rdn_order_test.go
9e54f08 
As per Chris Henderson's suggestion.
@defacto64
Merge branch 'master' into master
e61235c
@defacto64
Update time.go
8ca486a 
Added CABFEV_Sec9_2_8_Date
@defacto64
Add files via upload
1df8c9b
@defacto64
Add files via upload
ae29a40
@defacto64
Merge branch 'zmap:master' into master
9f657b2
@defacto64
Revised according to Chris and Corey suggestions
faa938d
@defacto64
Add files via upload
d2aa5b1
@defacto64
Add files via upload
b827d18
@defacto64
Merge branch 'zmap:master' into master
89e0ed1
@defacto64
Delete v3/lints/cabf_br/lint_e_invalid_cps_uri.go
e2f2f0e
@defacto64
Delete v3/lints/cabf_br/lint_e_invalid_cps_uri_test.go
126e1ac
@defacto64
Delete v3/testdata/invalid_cps_uri_ko_01.pem
a7fbe52
@defacto64
Delete v3/testdata/invalid_cps_uri_ko_02.pem
b289660
@defacto64
Delete v3/testdata/invalid_cps_uri_ko_03.pem
b5af6be
@defacto64
Delete v3/testdata/invalid_cps_uri_ok_01.pem
d9fea03
@defacto64
Delete v3/testdata/invalid_cps_uri_ok_02.pem
a324160
@defacto64
Delete v3/testdata/invalid_cps_uri_ok_03.pem
9ef6f60
@christopher-henderson
Merge branch 'master' into master
949d3ca
@defacto64
Merge branch 'zmap:master' into master
c827e99
@defacto64
Merge branch 'zmap:master' into master
698d02a
christopher-henderson
christopher-henderson requested changes Dec 8, 2024
View reviewed changes
@christopher-henderson christopher-henderson merged commit 0d1ece3 into zmap:master Dec 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@christopher-henderson christopher-henderson christopher-henderson approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@defacto64 @christopher-henderson