For sure. Apologies if that was worded confusing - we're hugely supportive of SRVNames, but solving the technical and policy issues around them is thorny and will require technical expertise, and I think most of the technical expertise of the Forum has been otherwise occupied by a number of more pressing matters (adoption of Certificate Transparency, strengthening of validation methods, reducing certificate lifetimes, etc)
On Fri, Mar 2, 2018 at 11:20 AM, Tim Hollebeek <[email protected]> wrote: > We’re willing to continue talking through those issues in an attempt to > reach a solution. I do think SRVNames would be a useful improvement. For > us, the lack of movement has had more to do with time constraints than > technical constraints! > > > > While SRVNames do offer a way to scope the authority to a particular > service (on any port), there's been no movement towards adopting them in > the CA/Browser Forum, due to the issues they would have with technically > constrained sub-CAs. >
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
