+1 Michael Ströder wrote: > Kyle Hamilton wrote: > >> I should point out that the second is an example of a situation where >> such paranoia on the part of the MIS staff would be well-founded. >> > > I vote for the stricter handling of wildcards as proposed by Nelson. > > 1. IETF standards define a stricter wildcard handling. > 2. MS IE seems to handle it stricter than Mozilla products. > 3. I'd prefer a more secure handling in default installations of Mozilla > products especially for the mass of users not behind a MITM proxy (CN=* > sounds completely inacceptible to me). > 4. MITM proxies for enforcing policies still can be implemented with > certs-issued-on-the-fly with more CPU power (and better proxy software). > > Ciao, Michael.
-- Regards Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org> Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]> Blog: Join the Revolution! <http://blog.startcom.org> Phone: +1.213.341.0390 _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
