Gervase Markham wrote: > Jean-Marc Desperrier wrote: > >> Maybe it would be adequate to require that the CA applies a policy that >> lowers the risk of homograph spoofing attacks. >> > > I've actually opposed this in the past. Homograph spoofing avoidance > policies are the domain of registries, not CAs. These checks should be > done well, and they should be done in only one place - the registry. Any > other system would lead to buck-passing. > > Hi Gerv,
Nice seeing you around.... ;-) I think what Jean-Marc (and me previously) meant, is not related to the domain name or email address but about the other details in the subject line. Obviously the CN (or emailAddress) field is to be verified accordingly... -- Regards Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org> Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]> Blog: Join the Revolution! <http://blog.startcom.org> Phone: +1.213.341.0390 _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
