* I would very much like to stick to the original idea I proposed back before the initial draft: Let's just rewrite RFC 6125 to remove the concept of CN-ID, and call it a day. Don't put any requirements on producers of certificates. They can put whatever they want into the Common Name field and it will be ignored by conformant (to the new spec) validators.
I also think we should have the wildcard limitations that are in the draft-use-san. The more I think about it, the more I am in favor of this. As I said back then, I’m willing to do it. Anyone else have a preference between this and Eliot’s?
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
