Erwann ABALEA <[EMAIL PROTECTED]> writes:
>On Fri, 25 Mar 2005, Florian Weimer wrote:
>>* Adam Back:
>>>Does anyone have info on the cost of sub-ordinate CA cert with a name
>>>space constraint (limited to issue certs on domains which are
>>>sub-domains of a your choice... ie only valid to issue ce
On Mar 25, 2005, at 16:06, Adam Back wrote:
There's an X.509v3 NameConstraints extension (which the higher CA
would
include in the lower CA's cert) but I have the impression that ends
system software does not widely support it. And of course if you
don't
flag it critical, it's not very effective
On Fri, Mar 25, 2005 at 04:02:36PM -0600, Matt Crawford wrote:
> There's an X.509v3 NameConstraints extension (which the higher CA would
> include in the lower CA's cert) but I have the impression that ends
> system software does not widely support it. And of course if you don't
> flag it criti
On Mar 25, 2005, at 11:55, Florian Weimer wrote:
Does anyone have info on the cost of sub-ordinate CA cert with a name
space constraint (limited to issue certs on domains which are
sub-domains of a your choice... ie only valid to issue certs on
sub-domains of foo.com).
Is there a technical option t
On Fri, 25 Mar 2005, Florian Weimer wrote:
> * Adam Back:
>
> > Does anyone have info on the cost of sub-ordinate CA cert with a name
> > space constraint (limited to issue certs on domains which are
> > sub-domains of a your choice... ie only valid to issue certs on
> > sub-domains of foo.com).
>
* Adam Back:
> Does anyone have info on the cost of sub-ordinate CA cert with a name
> space constraint (limited to issue certs on domains which are
> sub-domains of a your choice... ie only valid to issue certs on
> sub-domains of foo.com).
Is there a technical option to enforce such a policy on
The URL John forwarded gives survey of prices for regular certs and
subdomain wildcard certs/super certs (ie *.mydomain.com all considered
valid with respect to a single cert).
Does anyone have info on the cost of sub-ordinate CA cert with a name
space constraint (limited to issue certs on domains
