On Tue, Dec 18, 2018 at 6:52 PM Jeremy Rowley via dev-security-policy < [email protected]> wrote:
> Ballot 202 failed. I’m not sure how it’s relevant other than to indicate > there was definite disagreement about whether underscores were permitted or > not. As previously mentioned, I didn’t consider underscore characters > prohibited until the ballot was proposed eliminating them in Oct. I know > the general Mozilla population disagrees but, right or wrong, that’s the > root cause of it all. I can explain my reasoning again here, but I doubt it > materially alters the conversation and outcome. > I agree that Jeremy that the situation with underscores was unclear prior to the ballot in October. Three years ago when I was writing certlint, my very first public commit has the comment: # Allow RFC defying '*' and '_' I honestly haven't been pay a lot of attention to the CA/Browser Forum recently. Given the rationale for getting rid of underscores is RFC compliance, did the ballot also disallow asterisks? They are also not allowed by the "preferred name syntax", as specified by Section 3.5 of [RFC1034] <https://tools.ietf.org/html/rfc1034#section-3.5> and as modified by Section 2.1 of <https://tools.ietf.org/html/rfc1123#section-2.1> [RFC1123] <https://tools.ietf.org/html/rfc1123#section-2.1>. Thanks, Peter _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
