Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add lint for EV Guidelines section 9.7.3 #815

Open
wants to merge 5 commits into
base: master
Choose a base branch
from

Conversation

mcpherrinm
Copy link

@mcpherrinm mcpherrinm commented Mar 17, 2024

This checks that EV certificates contain a CPS URI policy qualifier.

The CPS URI should be a public HTTP URI.

This requirement was included explicitly in the EV guidelines version 1.2, effective April 10, 2008

mcpherrinm and others added 3 commits March 16, 2024 21:25
}

if !util.HasValidTLD(cps.Hostname(), time.Now()) {
return &lint.LintResult{Status: lint.Error}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably fill the details here too

@zakird
Copy link
Member

zakird commented Mar 27, 2024

@mcpherrinm can you fix the failing test (looks like counts changed given logic change)? Once that's resolved, we can merge.

@mcpherrinm
Copy link
Author

Yep, will take a look soon. Busy with RWC this week :)

@zakird
Copy link
Member

zakird commented Mar 27, 2024

Sounds good! Hope RWC is fun! Bummed I'm missing out this year.

LintMetadata: lint.LintMetadata{
Name: "e_ev_certificate_policies",
Description: "EV Certificates issued to Subscribers MUST include a CPS URI policy qualifier",
Citation: "CA/Browser Forum EV Guidelines v1.8.1, Sec. 9.7.3",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@zakird
Copy link
Member

zakird commented Jul 20, 2024

This looks like it's been open for a while modulo a test. @mcpherrinm any chance you'd be willing to look at the failing test?

@mcpherrinm
Copy link
Author

Sorry, totally forgot about this PR. I'll take a look at that test shortly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants