Jean-Marc Desperrier wrote: > Maybe it would be adequate to require that the CA applies a policy that > lowers the risk of homograph spoofing attacks.
I've actually opposed this in the past. Homograph spoofing avoidance policies are the domain of registries, not CAs. These checks should be done well, and they should be done in only one place - the registry. Any other system would lead to buck-passing. Gerv _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
