https://bugs.kde.org/show_bug.cgi?id=403534
Yuri Chornoivan <yurc...@ukr.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |yurc...@ukr.net
--- Comment #1 from Yuri Chornoivan <yurc...@ukr.net> ---
(In reply to Karl Ove Hufthammer from comment #0)
> In (currently line 142 of) okular/ui/certificateviewer.cpp, ‘Subject’ is
> defined as ‘The person/company that made the signature’, as is used as a
> hint to translators. But the definition is wrong. It’s actually the
> definition of ‘Issuer’, *not* of ‘Subject’.
For me, the definition is right.
>From RFC 5280 for X.509 certificate which is the main part of the signature
[1]:
The subject field identifies the entity associated with the public
key stored in the subject public key field. The subject name MAY be
carried in the subject field and/or the subjectAltName extension. If
the subject is a CA (e.g., the basic constraints extension, as
discussed in Section 4.2.1.9, is present and the value of cA is
TRUE), then the subject field MUST be populated with a non-empty
distinguished name matching the contents of the issuer field (Section
4.1.2.4) in all certificates issued by the subject CA. If the
subject is a CRL issuer (e.g., the key usage extension, as discussed
in Section 4.2.1.3, is present and the value of cRLSign is TRUE),
then the subject field MUST be populated with a non-empty
distinguished name matching the contents of the issuer field (Section
5.1.2.3) in all CRLs issued by the subject CRL issuer. If subject
naming information is present only in the subjectAltName extension
(e.g., a key bound only to an email address or URI), then the subject
name MUST be an empty sequence and the subjectAltName extension MUST
be critical.
[1] https://tools.ietf.org/html/rfc5280#section-4.1.2.6
--
You are receiving this mail because:
You are watching all bug changes.
