On Mar 25, 2005, at 16:06, Adam Back wrote:
There's an X.509v3 NameConstraints extension (which the higher CA would
include in the lower CA's cert) but I have the impression that ends
system software does not widely support it. And of course if you don't
flag it critical, it's not very effective.
Well I would say downright dangerous -- if its not flagged critical and not understood, right?
Implication would be an intended constrained subordinate CA would be able to function as an unconstrained subordinate CA in the eyes of many clients -- free ability to forge any domain in the global SSL PKI.
Exactly. (Just like the root CAs in the browser's shipped list. :-)
And if it's marked critical, the certificate is no damn use to almost anyone. Chicken, meet egg. Egg, chicken.
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
