On Tue, Jun 17, 2003 at 09:57:24AM +0100, Pete Chown wrote:
> I can't see any generalised threats that would justify withdrawing
> wildcard certs, but perhaps others can.
I think it's maybe cleaning a pistol for the user, but it's neither
loading it, nor pointing it at the
rade as the American office.
I can't see any generalised threats that would justify withdrawing
wildcard certs, but perhaps others can.
--
Pete
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
also sprach Stefan Kelm <[EMAIL PROTECTED]> [2003.06.16.1652 +0200]:
> Now, suppose I buy a certificate for *.i-am-bad.com (assuming that I'm
> the owner of that domain). I could then set up an SSL server with a
> hostname of something like
>
> www.security-products.microsoft.com.order.regist
Martin,
> Are wildcard certficates good? secure? useful?
There's a problem with wildcard certs wrt how URLs are being displayed in
many of the browsers, esp. the older ones. If the host name is extremely
long the browser will be unable to show the complete URL to the user,
with some
I just ran across
http://certs.centurywebdesign.co.uk/premiumssl-wildcard.html
but there are many more sites like that:
Secure multiple websites with a single PremiumSSL Certificate. For
organisations hosting a single domain name but with different
subdomains (e.g. secure.centurywebdesig