[gnutls-devel] GnuTLS | Should a certificate with two SAN instances be rejected? (#872)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat Dec 14 10:53:28 CET 2019

julia commented:

In RFC 5280, I found the next statements, and wondered how a subject 
public key and two  subjectAltName extensions should be bound. 
Which parts of the two extensions are verified (if the verification is still 

1. "Certification path processing verifies the binding between the 
subject distinguished name and/or subject alternative name and subject 
public key." (Section 6).

2. "If subject naming information is present only in the subjectAltName 
extension (e.g., a key bound only to an email address or URI), then the subject
name MUST be an empty sequence and the subjectAltName extension MUST
be critical." (Section

3. "A certificate MUST NOT include more than one instance of a particular 
extension." (4.2)

4. "Because the subject alternative name is considered to be definitively
bound to the public key, all parts of the subject alternative name
MUST be verified by the CA." (

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/872#note_260338436
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20191214/54a5b8ea/attachment.html>

More information about the Gnutls-devel mailing list