Re: id-ce-nameConstraints (2.5.29.30) in the real world

2013-11-04 Thread Rob Stradling
Hmmm...why are all of the DNSNames duplicated? The ones with a dot at the beginning don't need to be there, do they? On 02/11/13 15:13, Kaspar Brand wrote: On 02.11.2013 15:40, Erwann Abalea wrote: You missed the exclusion of IPv6 addresses. So this CA can certify for any IPv6 address range.

Re: id-ce-nameConstraints (2.5.29.30) in the real world

2013-11-04 Thread Rob Stradling
On 02/11/13 14:40, Erwann Abalea wrote: On Saturday, 2 November 2013 08:39:53 UTC+1, Kaspar Brand wrote: 11 hours ago, a new certificate was given birth to which I would like to share with this list for edification purposes. I think that the audience here should be able to fully appreciate what

Re: id-ce-nameConstraints (2.5.29.30) in the real world

2013-11-04 Thread Rob Stradling
Kaspar, since you're looking for examples of Name Constraints in the real world, this site's certificate chain has a slightly less crazy example... ;-) https://premier.intel.com On 02/11/13 07:39, Kaspar Brand wrote: 11 hours ago, a new certificate was given birth to which I would like to

Re: id-ce-nameConstraints (2.5.29.30) in the real world

2013-11-04 Thread steve.medin
Erwann, true, we did omit the required IPv6 constraint. Given the expiration of the cross-certificate, we were not able to wait for the 5.4 version of our PKI software currently in QA, which enables IPv6 excluded subtrees, to be released. We expect to make longer term arrangements with BIT at a

Re: id-ce-nameConstraints (2.5.29.30) in the real world

2013-11-04 Thread Kaspar Brand
On 04.11.2013 11:44, Rob Stradling wrote: Kaspar, since you're looking for examples of Name Constraints in the real world, this site's certificate chain has a slightly less crazy example... ;-) https://premier.intel.com Or https://www.harica.gr. Or https://www.emporium.vt.edu. Or