The EV cert standard recommends and/or requires that certain attributes be included in the subject name of an EV cert. PSM does not recognize all the known EV attribute type OID, and so the cert viewer displays these attributes with a rather user-unfriendly display. For example: When viewing the SSL server cert at the URL cited above, we see the following attributes in the name: CN = www.isecpartners.com OU = Secure Link EV SSL OU = Information Technology O = iSEC Partners, Inc. Object Identifier (2 5 4 9) = 115 Sansome Street Object Identifier (2 5 4 9) = Suite 1005 L = San Francisco ST = CA Object Identifier (2 5 4 17) = 94104 C = US Object Identifier (2 5 4 15) = V1.0, Clause 5.(b) Object Identifier (1 3 6 1 4 1 311 60 2 1 1) = North Las Vegas Object Identifier (1 3 6 1 4 1 311 60 2 1 2) = Nevada Object Identifier (1 3 6 1 4 1 311 60 2 1 3) = US Object Identifier (2 5 4 5) = E0936482006-7 Notice the 8 unrecognized name attribute OIDs there. They include: Defined in X.500 family (see http://www.alvestrand.no/objectid/2.5.4.html for the whole list) 2 5 4 5 = serial Number 2 5 4 9 = street Address 2 5 4 15 = business Category 2 5 4 17 = postal Code Defined by CAB Forum, reserved by Microsoft (see http://www.cabforum.org/EV_Certificate_Guidelines_V11.pdf page 20) 1 3 6 1 4 1 311 60 2 1 1 = jurisdiction Of Incorporation Locality Name 1 3 6 1 4 1 311 60 2 1 2 = jurisdiction Of Incorporation State Or Province Name 1 3 6 1 4 1 311 60 2 1 3 = jurisdiction Of Incorporation Country Name

A Patch for this bug would probably resemble the patch for bug 323903.

Note that Chrome doesn't recognize these OIDs either. I wouldn't be opposed to implementing this for the upcoming cert viewer implementation, but I don't think it's worth spending time on adding this for the current implementation.

(In reply to David Keeler [:keeler] (use needinfo?) from comment #3) > upcoming cert viewer implementation For reference, the tracking bug for this work is Bug 1294897.

This issue has been recently discussed during the latest CA/B Forum F2F 39 meeting (Oct 2016). (https://cabforum.org/2016/10/19/2016-10-19-20-f2f-meeting-39-minutes/). The affected files for Mozilla products seem to be: https://dxr.mozilla.org/mozilla-central/source/security/manager/locales/en-US/chrome/pipnss/pipnss.properties#54 and https://dxr.mozilla.org/mozilla-central/source/security/manager/ssl/nsNSSCertHelper.cpp#242 Although it seems pretty straightforward to produce a patch, I am not sure what other implications exist. It would be nice for more experienced programmers to push for a patch and improve the Certificate details view.