* Gervase Markham: > On 24/03/15 09:38, Florian Weimer wrote: >> The intermediate certificate which prompted this discussion had C=EG, >> which does not align well with a limitation to the Chinese market. > > I'm not entirely sure what you are saying here. Are you saying you are > suprised not to see ".eg" in that list?
Or a more diverse choice of (cc)TLDs, yes. > CNNIC could issue a cert to an Egyptian Company called Cairo Corporation > for cairocorp.com, and the issuer would be C=EG, O=Cairo Corporation, > but the CN would be www.cairocorp.com. In this type of case, .eg would > not show up in the list. Technically, this is true. I just find it odd that the offending certificate suggests a relationship with a non-Chinese market, while at the same time, Richard's data only shows the top gTLDs and various China-related TLDs. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
