On 04.11.2009 20:31, Florian Weimer wrote:
* Reed Loden:
$ whois -h whois.iana.org external.int
Domain external.int not found.
SSL certificates shouldn't be issued to domains that don't exist. ;)
Does the CPS really say that? Where?
SSL certs should be issued only to the owner of the domain or party in
control of the domain. (The requirements are explicit about that.)
Given that non-existing domains don't have an owner, there must not be
certs issued for them.
Ben
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
