Ian G wrote:
My perspective on this is taken from years of doing issuance contracts in an unregulated field. The
What is an issuance contract? (just curious)
In order to address this, I developed a simple rule:
tell the truth. Everything that was written into a
contract should be the truth. The digital signature
should attest to that.
So as long as whatever is in that cert is the truth, I don't see an issue. That's just me, tho!
Ian, You're the anti-phisher guy. I would expect you to want certs to contain more info to help fight phishing. Just how does a cert that contains only CN=pay.pal.com help avoid phishing?
-- Nelson B _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
