Re: [certid] additional security consideration
Peter Saint-Andre <stpeter@stpeter.im> Thu, 18 March 2010 04:29 UTC
Return-Path: <stpeter@stpeter.im>
X-Original-To: certid@core3.amsl.com
Delivered-To: certid@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id D6E3C28C0DD for <certid@core3.amsl.com>;
Wed, 17 Mar 2010 21:29:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.955
X-Spam-Level:
X-Spam-Status: No, score=-1.955 tagged_above=-999 required=5 tests=[AWL=-0.486,
BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1JWZpjn-i5mE for
<certid@core3.amsl.com>; Wed, 17 Mar 2010 21:29:20 -0700 (PDT)
Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com
(Postfix) with ESMTP id 314993A67F8 for <certid@ietf.org>;
Wed, 17 Mar 2010 21:29:20 -0700 (PDT)
Received: from squire.local (dsl-240-91.dynamic-dsl.frii.net [216.17.240.91])
(Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id
ADAAA40E15 for <certid@ietf.org>; Wed, 17 Mar 2010 22:29:30 -0600 (MDT)
Message-ID: <4BA1AC29.40903@stpeter.im>
Date: Wed, 17 Mar 2010 22:29:29 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US;
rv:1.9.1.8) Gecko/20100227 Thunderbird/3.0.3
MIME-Version: 1.0
To: certid@ietf.org
References: <20100318040731.GA15227@eltex.net>
In-Reply-To: <20100318040731.GA15227@eltex.net>
X-Enigmail-Version: 1.0.1
OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
micalg=sha1; boundary="------------ms020508090408030303040806"
Subject: Re: [certid] additional security consideration
X-BeenThere: certid@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Representation and verification of identity in certificates
<certid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/certid>,
<mailto:certid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/certid>
List-Post: <mailto:certid@ietf.org>
List-Help: <mailto:certid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/certid>,
<mailto:certid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Mar 2010 04:29:22 -0000
On 3/17/10 10:07 PM, ArkanoiD wrote: > Second level domain MUST NOT be wildcarded, thus *.com is invalid and should > never match. (as well as "*", of course) Good point. We seem to have assumed that one... Peter -- Peter Saint-Andre https://stpeter.im/
- [certid] additional security consideration ArkanoiD
- Re: [certid] additional security consideration Peter Saint-Andre
- Re: [certid] additional security consideration Joe Orton
- Re: [certid] additional security consideration Michael Ströder
- Re: [certid] additional security consideration Joe Orton
- Re: [certid] additional security consideration Michael Ströder
- Re: [certid] additional security consideration Peter Saint-Andre
- [certid] open issue: wildcard certs Peter Saint-Andre
- Re: [certid] open issue: wildcard certs ArkanoiD