- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 12 Oct 2007 19:55:00 +0200
- To: Ian Fette <ifette@google.com>
- Cc: Serge Egelman <egelman@cs.cmu.edu>, yngve@opera.com, Johnathan Nightingale <johnath@mozilla.com>, W3C WSC Public <public-wsc-wg@w3.org>
On 2007-10-12 10:30:50 -0700, Ian Fette wrote: > LOL... all I'm saying is this. For the case of www vs bare > hostname, I can see this being common enough to warrant > investigation. For the other cases, I see a lot of risk in terms > of opening up new attack vectors, changing defaults, breaking > standards etc, but I'm not sure I really see the benefit. Considering that the "real" fix for the problem is a wildcard cert, I'm leaning toward agreeing with you on this one, my prior remark nonwithstanding. -- Thomas Roessler, W3C <tlr@w3.org>
Received on Friday, 12 October 2007 17:55:12 UTC