On Monday, August 8, 2016 at 12:47:26 PM UTC-7, S Davidson wrote:
> However, I am interested in feedback from the Mozilla community, including
> any experience on handling subCAs with large numbers of nameConstraints.
My biggest concern relates to the re-use of the issuer name and key across
The use of DNS nameConstraints is a useful tool for restricting the scope of
SSL issuance by external subCAs, and examples exist with hundreds of
nameConstraints. However some subCA customers are reporting issues with some
applications when using subCA certificates that include large numbers
2 matches
Mail list logo
