On 11/24/2008 09:44 PM, Nelson B Bolyard:
Eddy Nigg wrote, On 2008-11-24 11:35:
On 11/24/2008 07:33 PM, Nelson B Bolyard:
The only solution to this that is apparent to me is for the web to
evolve to the point where browsers no longer accept DNS names in
non-standard locations in the cert, such as in the Subject Common Name.
Which in itself might create quite some problems. I guess we don't need
any more problems right now when considering the current UI
implementation and complaints coming in... Just imagine CN fields
wouldn't be checked anymore by NSS:
"OMG, my openssl cert doesn't work anymore. Firefox is broken!" :-)
There are 5 browser makers cooperating now as never before in the area
of SSL. If they all dropped support for CNs together...
Well, ping Johnat and point him to this thread. From my point of view if
this becomes an agreed effort, the better...
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: [EMAIL PROTECTED]
Blog: https://blog.startcom.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
