Skip to Content [alt-c]


In reply to The Difference Between Root Certificate Authorities, Intermediates, and Resellers

Reader Bruce on 2023-06-22 at 11:42:

Hi Andrew,

Regarding white label CAs. I assume these are normally operated by a root CA on behalf of a customer such as a reseller. I also assume that the risk of compliance issues are greatly reduced. I do understand that when you review the certificate subject that the viewer cannot tell it is a white label CA. Should we consider adding content to the certificate to address this issue? This could be done with a certificate policy OID and maybe a qualifier to provide more information. There is probably other ideas, but I am thinking that adding some content to the certificate is easy to implement and could be provided in all new white label CA certificates.

Thanks, Bruce.


Post a Reply

Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with > are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim (good for code).
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.
  • Use the Preview button to check your formatting.