You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to ZLint Announcements
The ZMap team is happy to share ZLint v2.2.0. This minor release primarily includes bug fixes and new lints.
New Lints:
New RFC 5280 Lints
e_cert_sig_alg_not_match_tbs_sig_alg to verify tbsCertificate algorithm matches certificate's signature algorithm.
New CA/Browser Forum Lints:
e_san_dns_name_onion_invalid to validate .onion certificate subject addresses are well-formed.
Updated Lints:
e_ext_tor_service_descriptor_hash_invalid updated for Ballot SC27 to only require the extension for EV certificates.
Removed Lints:
e_sub_ca_aia_does_not_contain_ocsp_url, as of Ballot SC31 this lint is no longer required.
Command Line Utility Updates:
-summary and -longSummary command line flags added to zlint utility for presenting lint results in a human-readable tabular form.
Bug Fixes:
lint_ev_valid_time_too_long maximum validity calculation fixed and source/citation/package corrected to CABF EV Guidelines.
e_ev_business_category_missing, e_ev_country_name_missing, e_ev_organization_name_missing, and e_ev_serial_number_missing source/citation/package corrected to CABF EV Guidelines.
e_tls_server_cert_valid_time_longer_than_398_days fixed to not apply to CA certificates.
e_tls_server_cert_valid_time_longer_than_398_days fixed off-by-one calculation of validity period.