On Tue, Dec 20, 2022, at 14:00, Qin Wu wrote: > If we can introduce long prefix match like mechanism to deal with > multiple level of subdomain matching, this issue will be easily solved.
This is not something that the IETF can do at this stage - or at least not so simply. Wildcard certificates are defined as they are (see RFC 2818 for an early, but not the earliest rules) and changing that is not an option. Making them more capable as you suggest is just as impractical as ending their use as Peter might prefer. Changing something like this, that is very widely deployed, requires a lot of effort over many years. This draft is just an effort to precisely describe how the Internet currently works (or should function). _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
