- From: James Graham <james@hoppipolla.co.uk>
- Date: Mon, 14 Oct 2013 11:48:32 +0100
- To: public-test-infra@w3.org
On 14/10/13 11:40, Robin Berjon wrote: > On 11/10/2013 17:15 , Tobie Langel wrote: >> On Friday, October 11, 2013 at 5:05 PM, James Graham wrote: >>> I don't really know how you would get a certificate for such a hostname >>> though. A self-signed cert. isn't good enough since browsers will >>> complain about it. I assume no CA will actually sign such a cert. >>> (additionally, the name is theoretically resolvable; someone could pay >>> for the .test tld. Hopefully that's not a big risk, but it's hard to >>> know). >> >> Why don't we just purchase a domain name and use it only for that? > > Yeah, in case I wasn't clear that's one of the options I was thinking > of. I only mentioned using a non-existing TLD to provide perhaps > stronger guarantee that it won't resolve, but we can easily just own the > domain and pledge never to use it. > Hmm, well I don't have a concrete objection except that it feels very dubious to start passing a private key around, even if we are never going to use the domain for any other purpose. I would at least like someone who understand this stuff better than me to say that it's an OK idea before I agree to it :)
Received on Monday, 14 October 2013 10:48:58 UTC