I'm mucking about with my FF root lis and it occurs to me that I think CA certificates, at least the roots, should be named after the entity that "owns" them such that a name like "o=VeriSign; c=US" is probably good while a name like "o=Best thing since sliced bread" is not good unless that is actually the name or DBA of the entity or person. This is to make it less likely that users will get confused should they ever see the subjectName of the root.
_______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
