Nelson Bolyard wrote: > Eddy, I think perhaps you misunderstand what Frank was saying.
Yes. > The rest of your argument in the message to which I am reply seems to > hinge on this assumption that "there is no way to limit a [subordinate] > CA to a certain domain". But in fact there *IS* a way for a superior > CA to constrain the name space in which a subordinate CA may issue certs. And WISeKey in fact claims that it does impose such constraints, as noted in various comments in bug 371362 and in its technical security controls document (as I mentioned in a previous message). Frank -- Frank Hecker [EMAIL PROTECTED] _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
