On 02/21/2009 11:19 PM, Paul Hoffman:
I don't see how the attack could have been done without wildcards. CA
guidelines say that certificates should not be issued with homographic
characters that might cause confusion
They do? Where?
Some CA policies do. I can't recall right now, but EV might
>I think part of what's going on here is a confusion between CAs and domain
>name registrars. IIRC there was indeed some sort of agreement among domain
>name registrars to implement special checking for internationalized domain
>names.
There was no such agreement. TLD registries ask which langu
Paul Hoffman wrote:
UTR #36 is not a CA guideline, it is a guideline that some CAs might
read and implement. I know of none that have.
I think part of what's going on here is a confusion between CAs and
domain name registrars. IIRC there was indeed some sort of agreement
among domain name reg
>On Sat, Feb 21, 2009 at 1:19 PM, Paul Hoffman wrote:
>>>I don't see how the attack could have been done without wildcards. CA
>>>guidelines say that certificates should not be issued with homographic
>>>characters that might cause confusion
>>
>> They do? Where?
>
>I believe that Unicode Technica
4 matches
Mail list logo
