On 18/05/15 11:26, Kurt Roeckx wrote: > I think it only makes sense to name constrain a government CA if the > name constrained only covers government websites, and not all websites > in the country. Examples would be covering *.gov and *.go.jp. I think > that restricting them to *.jp, *.in, *.cn and so on doesn't actually add > enough value.
Why not? How is the security analysis different for the two options? Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
