Are there any such certificates "in the wild"? Do current clients support it? If there aren't any and it is not supported anyways, let's keep status quo and do not make things more complicated than needed. For www1, www2 etc one may use extra name component and that's all.
On Wed, Oct 06, 2010 at 03:48:44PM -0600, Peter Saint-Andre wrote: > > (e.g., baz*.example.net is not allowed and MUST NOT be taken to match > baz1.example.net and baz2.example.net) > > This is in clear contradiction to the wildcard matching specified > in rfc-2818 Section 3.1. And without any rationale for this U-Turn, > that seems to be entirely inappropriate for a BCP. > _______________________________________________ certid mailing list [email protected] https://www.ietf.org/mailman/listinfo/certid
