The main reason that publicly trusted certificates are used by organizations for all infrastructure (internal and external) is that it's far cheaper than building and maintaining an internal PKI.
On Thu, Dec 27, 2018 at 4:14 PM Jakob Bohm via dev-security-policy < [email protected]> wrote: > On 27/12/2018 17:02, Rob Stradling wrote: > > On 27/12/2018 15:38, Jakob Bohm via dev-security-policy wrote: > > <snip> > >> For example, the relevant EKU is named "id-kp-serverAuth" not "id-kp- > >> browserWwwServerAuth" . WWW is mentioned only in a comment under the > >> OID definition. > > > > Hi Jakob. > > > > Are you suggesting that comments in ASN.1 specifications are meaningless > > or that they do not convey intent? > > > > Also, are you suggesting that a canonical OID name must clearly convey > > the full and precise intent of the purpose(s) for which the OID should > > be used? > > > > In general no. However in this special case, the comment is > inconsistent with everything else. > > Enjoy > > Jakob > -- > Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com > Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 > This public discussion message is non-binding and may contain errors. > WiseMo - Remote Service Management for PCs, Phones and Embedded > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
