Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8032835

Security Dialogs should display OU/O field for Publisher if CN field is empty

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b06

      Backports

        Description

        The CN component of the subject field of a certificate is used as the Publisher name in a security dialog. If the CN field is missing, "Unknown" will be displayed, which is not user-friendly. Also there are additional components in the distinguished name that can be used to identify the certificate's subject.

        If the CN field is empty, I think we should display the OU field (and maybe the O field as well).

        This is likely to become a more common scenario. The CA/Browser Forum has made a recommendation discouraging the use of the CN field in section 9.2.2 of the baseline requirements v1.1.6 and 9.2.3 of the EV Code Signing Guidelines:

        https://cabforum.org/Baseline_Requirements_V1.pdf
        https://cabforum.org/wp-content/uploads/EV_Code_Signing_Guidelines_v1_1.pdf


          Attachments

            Issue Links

              Activity

                People

                Assignee:
                dtitov Daniil Titov (Inactive)
                Reporter:
                mullan Sean Mullan
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: