- From: Johnathan Nightingale <johnath@mozilla.com>
- Date: Wed, 26 Mar 2008 09:32:28 -0400
- To: Thomas Roessler <tlr@w3.org>
- Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "Yngve N. Pettersen" <yngve@opera.com>, public-wsc-wg@w3.org
On 26-Mar-08, at 7:52 AM, Thomas Roessler wrote: > Yngve, Johnath, would you have any input what your current > implementations do with (a) wildcards in CNs in terms of matching, > and (b) how they are distinguished from human-readable CNs for the > purpose of deriving whatever string can be shown to people. The current AA certs out there (EV certs) don't allow wildcard matching, but in any case, EV certs also require, full stop, a valid O field, so we don't walk the rest of the cert for that value. If a CA is issuing EV certs without valid (and validated!) O fields, they should fail their audits. :) Cheers, J --- Johnathan Nightingale Human Shield johnath@mozilla.com
Received on Wednesday, 26 March 2008 13:33:10 UTC