← GoDaddy cases
Bugzilla #1662810
Technical Compliance
GoDaddy: DV certificates with organizationalUnit field in subject
RESOLVED
FIXED
GoDaddy
AI Summary
The case addresses GoDaddy's issuance of Domain Validated (DV) certificates that include an 'organizationalUnit' field in the subject, which is restricted under the Baseline Requirements. GoDaddy asserts that their use of 'Domain Control Validated' in this field complies with the requirements, as it does not refer to a specific entity. However, concerns were raised regarding their validation processes for this field. The issue has been resolved with GoDaddy confirming compliance with the relevant standards.
Chronology
- Initial report of DV certificates with OU field
- GoDaddy responds with compliance justification
- Further clarification provided by GoDaddy
- Bug scheduled for closure
Participants
Ryan Sleevi
Joanna Fox
Brett Wilson
External References
Similar Local Cases
GlobalSign: Cross Certificate with non-conforming CABF Policy OIDs
GoDaddy: inconsistent CP/CPS disclosure
Request to disable SMIME "trust bit" for GoDaddy CAs
Asseco DS / Certum: Forward dating certificates (notBefore in the future)
Visa: Non-BR-Compliant OCSP Responders
Entrust: Non-BR-Compliant OCSP Responder
E-Tugra: Forbidden Domain Validation Method 3.2.2.4.6
Google Trust Services: digitalSignature KeyUsage not set