Skip to content

Add lint to check for mandatory individual identity subject attributes in non-legacy IV and SV S/MIME certificates#958

Merged
christopher-henderson merged 36 commits intozmap:masterfrom
defacto64:e_invalid_individual_identity
Jun 1, 2025
Merged

Add lint to check for mandatory individual identity subject attributes in non-legacy IV and SV S/MIME certificates#958
christopher-henderson merged 36 commits intozmap:masterfrom
defacto64:e_invalid_individual_identity

Conversation

@defacto64
Copy link
Copy Markdown
Contributor

@defacto64 defacto64 commented May 30, 2025

CAB Forum's Baseline Requirements for S/MIME Certificates include the following provision:

Multipurpose and Strict Generation profiles SHALL include either subject:givenName and/or subject:surname, or the subject:pseudonym.

...for both Individual-Validated and Sponsor-Validated certificates (see sections 7.1.4.2.5 and 7.1.4.2.6 of CABF SMIME BRs).

I realized that Zlint was lacking a check for this, so I am proposing this lint to fill the gap.

defacto64 and others added 30 commits March 8, 2024 16:07
@defacto64
Add files via upload
0d4a7d5
@defacto64
Add files via upload
9ae1760
@defacto64
Add files via upload
c66f6f6
@defacto64
Add files via upload
3bd2334
@defacto64
Update lint_invalid_subject_rdn_order_test.go
95e89c8 
Added //nolint:all to comment block to avoid golangci-lint to complain about duplicate words in comment
@defacto64
Update lint_invalid_subject_rdn_order.go
7230486 
Fixed import block
@christopher-henderson
Merge branch 'master' into master
983a0df
@defacto64 @christopher-henderson
Update v3/lints/cabf_br/lint_invalid_subject_rdn_order.go
36682ed 
Fine to me.

Co-authored-by: Christopher Henderson <[email protected]>
@defacto64
Update lint_invalid_subject_rdn_order.go
fc81ece 
As per Chris Henderson's suggestion, to "improve readability".
@defacto64
Update lint_invalid_subject_rdn_order_test.go
9e54f08 
As per Chris Henderson's suggestion.
@defacto64
Merge branch 'master' into master
e61235c
@defacto64
Update time.go
8ca486a 
Added CABFEV_Sec9_2_8_Date
@defacto64
Add files via upload
1df8c9b
@defacto64
Add files via upload
ae29a40
@defacto64
Merge branch 'zmap:master' into master
9f657b2
@defacto64
Revised according to Chris and Corey suggestions
faa938d
@defacto64
Add files via upload
d2aa5b1
@defacto64
Add files via upload
b827d18
@defacto64
Merge branch 'zmap:master' into master
89e0ed1
@defacto64
Delete v3/lints/cabf_br/lint_e_invalid_cps_uri.go
e2f2f0e
@defacto64
Delete v3/lints/cabf_br/lint_e_invalid_cps_uri_test.go
126e1ac
@defacto64
Delete v3/testdata/invalid_cps_uri_ko_01.pem
a7fbe52
@defacto64
Delete v3/testdata/invalid_cps_uri_ko_02.pem
b289660
@defacto64
Delete v3/testdata/invalid_cps_uri_ko_03.pem
b5af6be
@defacto64
Delete v3/testdata/invalid_cps_uri_ok_01.pem
d9fea03
@defacto64
Delete v3/testdata/invalid_cps_uri_ok_02.pem
a324160
@defacto64
Delete v3/testdata/invalid_cps_uri_ok_03.pem
9ef6f60
@christopher-henderson
Merge branch 'master' into master
949d3ca
@defacto64
Merge branch 'zmap:master' into master
c827e99
@defacto64
Merge branch 'zmap:master' into master
698d02a
christopher-henderson
christopher-henderson approved these changes Jun 1, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@christopher-henderson christopher-henderson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very clean lint, thank you.

@christopher-henderson christopher-henderson merged commit 8696d6c into zmap:master Jun 1, 2025
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@christopher-henderson christopher-henderson christopher-henderson approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@defacto64 @christopher-henderson