Seb35 <> changed:

           What    |Removed                     |Added
                 CC|                            |

--- Comment #5 from Seb35 <> ---
From a technical point of view, I read a best practice could be not to add too
much DNS domains in one certificate because it adds these some bits of
certificate description to all clients. For *.com and *.net domains it could be
worth issuing them in a distinct certificate, if any.

Personally I’m not convinced it is worth adding TLS on *.com or *.net since it
is no more the canonical extension. And if stats are not soon available, I find
it would be better to deactivate the TLS on these domains because certificate
errors participate in lowering the global security by accustoming users to
false positives (and this bug is currently really an error because signed and
used domains mismatch, not just a self-signed certificate).

You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
Wikibugs-l mailing list

Reply via email to