FULL PDF
Abstract
Certificate Authorities is regularly making exceptions when they realize the Certificate to the customers or any other companies. To identify those exceptions, there is one software introduced by ZLINT; The certificated linter has codified the few policies to set by Browser/CA forums. It will be the baseline of the requirements and RFC5880 that can be tested in an isolated way. We can run ZLint on the browser-trusted certificates. There are exceptions reductions after introduced ZLint in the market in 2012. We can see the market research for the error reduction of only 0.02% of the certificates. There are substantial due to the handling of large authorities that consistently issue correct certificates. The small organizations that regularly give non-conformant certificates with different errors are correlated with other parts of mismanagement with large authorities' worrisome organizational practices. The WEB PKI will achieve long-term health.
View more >>