Re: clarifications needed re safe form editor cert matching algorithm

On 2007-10-12 10:30:50 -0700, Ian Fette wrote:

> LOL... all I'm saying is this. For the case of www vs bare
> hostname, I can see this being common enough to warrant
> investigation. For the other cases, I see a lot of risk in terms
> of opening up new attack vectors, changing defaults, breaking
> standards etc, but I'm not sure I really see the benefit.

Considering that the "real" fix for the problem is a wildcard cert,
I'm leaning toward agreeing with you on this one, my prior remark
nonwithstanding.

-- 
Thomas Roessler, W3C  <tlr@w3.org>

Received on Friday, 12 October 2007 17:55:12 UTC