Re: [webauthn] Operating System Vendor Public Key Infrastructure and Web Authentication from Adam Sobieski via GitHub on 2017-08-06 (public-webauthn@w3.org from August 2017)

From: Adam Sobieski via GitHub <sysbot+gh@w3.org>
Date: Sun, 06 Aug 2017 20:39:35 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-320531203-1502051972-sysbot+gh@w3.org>

X509 certificates commonly utilize _issued by_ and _issued to_ information.  Regarding question 2 (see also: #458), which broaches cross-domain keys, options include extending X509 certificates to include _issued for_ information, a sequence of domains with wildcards, to specify the domains which a certificate is intended for.

Operating system vendor-provided certificates could utilize the wildcard value "*" for _issued for_ and thus would be available for users to select for every domain.

https://www.ietf.org/rfc/rfc5280.txt
https://en.wikipedia.org/wiki/Wildcard_certificate

-- 
GitHub Notification of comment by AdamSobieski
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/521#issuecomment-320531203 using your GitHub account

Received on Sunday, 6 August 2017 20:39:36 UTC