Recent Features
| |||||||||||||
Fraudulent certificates in the wild — againFraudulent certificates in the wild — againPosted Jan 21, 2013 16:10 UTC (Mon) by Jonno (subscriber, #49613)In reply to: Fraudulent certificates in the wild — again by cortana Parent article: Fraudulent certificates in the wild — again
> I couldn't tell from the startssl.com certificate just what its $60 product is, but as the description includes the phrase "organization validation," I presume that product has both the CN and O field filled in, whereas the free product has only CN (like lwn.net)
Actually, both individual validation ($60) and organizational validation ($60+$60) will include O, L, ST, C and emailAddress, but for individual validation, O will contain the name of the individual validated, not the organization for which the individual works. I.e. for lwn.net the difference is whether it would contain "O=Jonathan Corbet" or "O=Eklektix, Inc.".
A free certificate from StartSSL will only contain CN, C and emailAddress.
(Log in to post comments)
|
|||||||||||||