On Mon, Sep 29, 2014 at 12:26:47PM -0700, Rick Andrews wrote: > Since it's not an absolute requirement at this point (either from CABF or > from individual browsers' policies) I suggest that log servers cannot > enforce the use of technical constraints in intermediate CAs.
Logs shouldn't be enforcing *anything*. A log isn't a judge, it's a record. The only constraints on what should be rejected from being accepted by a log should be those things which prevent abuse sufficient to render a log unusable. - Matt _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
