I don't know about a wide study, but if you look at the PKIX mailing list archives around last May, there was a lively discussion with some anecdotal evidence.
Turns out quite a few browsers don't enforce name constraints. When present, they ignore it even if the Critical bit is set (which RFC 5280 says is a MUST).

The trigger for that discussion was that iOS changed its behavior so that it started failing on critical name constraints. Of course, it's been 8 months, so things may have changed.

Yoav

-----Original Message-----
From: wpkops-boun...@ietf.org [mailto:wpkops-boun...@ietf.org] On Behalf Of Leif Johansson
Sent: Wednesday, January 09, 2013 9:40 AM
To: wpkops@ietf.org
Subject: Re: [wpkops] Some lessons of the Turktrust incident

> This is something that is easily implemented using a path length
> constraint but you have to know that there is a potential problem to
> avoid it.
>

Has anyone done interop testing in the wild for path length and name constraints, e.g. for commonly deployed TLS stacks and browsers?

Cheers Leif

_______________________________________________
wpkops mailing list
wpkops@ietf.org
https://www.ietf.org/mailman/listinfo/wpkops