On 02/23/2009 04:57 PM, Ian G:
* IDNs present more danger than wildcards,
* wildcards present more danger than IDNs,
* they are approximately the same level of danger,
and trying to separate them out is not efficacious
at this level of discussion?
Anything which can be misused in such a way should be effectively
prevented by policy.
https://wiki.mozilla.org/CA:Problematic_Practices
We see one, and not the other.
The one which is isn't listed (IDN) requires another policy decision
concerning what CAs should do in order to prevent occurrences such as
PAYPA1.COM, MICR0S0FT.COM, PayPaI.com and similar. Only then it's
reasonable to limit IDNs on the same basis.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
