Sigh, looks like this is a utopian dream at this moment, (:-, I am fine with documenting what we have now. Thank for your clarification, Martin.
-Qin -----邮件原件----- 发件人: Martin Thomson [mailto:[email protected]] 发送时间: 2022年12月20日 11:53 收件人: Qin Wu <[email protected]>; Peter Saint-Andre <[email protected]>; [email protected] 抄送: [email protected]; [email protected] 主题: Re: [Uta] Opsdir early review of draft-ietf-uta-rfc6125bis-08 On Tue, Dec 20, 2022, at 14:00, Qin Wu wrote: > If we can introduce long prefix match like mechanism to deal with > multiple level of subdomain matching, this issue will be easily solved. This is not something that the IETF can do at this stage - or at least not so simply. Wildcard certificates are defined as they are (see RFC 2818 for an early, but not the earliest rules) and changing that is not an option. Making them more capable as you suggest is just as impractical as ending their use as Peter might prefer. Changing something like this, that is very widely deployed, requires a lot of effort over many years. This draft is just an effort to precisely describe how the Internet currently works (or should function). _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
