Robin Alden wrote:- > Eddy Nigg wrote:- > > Oh and f) is also interesting ;-), I wonder how many > > "localhost" certificates were issued so far... > [Robin said...] > Not many! We do issue quite a number for organizations to use internally > on > other names, though. > E.g. if we have a server on our corporate intranet called wiki.comodo then > I > might want a certificate to allow me to use https://wiki.comodo. I can't > buy an SSL certificate from one of our range of Internet SSL certificates > because I can't pass the domain validation step. Hence we have a > different > product range which, rather than validating domain ownership, validates > that > the domain name is not usable on the internet. [Robin said...] I'd like to revise my answer there since I had a few wires crossed.
f) refers to an SSL product which is limited in such a way that it isn't generally usable on the public internet. We offer no warranty on the product, and the main part of the domain validation is to ensure that the domain name in the certificate is not a valid internet name or, if the certificate is for an explicit IP address, that the IP address is not internet routable. We do issue quite a number of these certificates, especially for use within enterprise organizations. We don't issue many to localhost in particular but we have issued some! Regards Robin _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
