* Michael Ströder: > Florian Weimer wrote: >> What about requiring that all certificates must be published by the CA >> (including sub-CAs)? > > No, this might lead to also revealing internal DNS names never meant to > be public.
Huh? Typical CA policies explicitly state that subscriber certificates are not confidential, and are not treated as such by the CA (so that they can be used by marketing, for instance). -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
