Name Constraints, was Re: [caops-wg] Re: ca signing policy file
franks at mcs.anl.gov
Wed Oct 12 15:39:55 CDT 2005
If you could trust a CA for "some" names, you may be able to trust more
CAs and more easily...
Mike Helm wrote:
> Frank Siebenlist writes:
>> name-issuing to a CA is the only safeguard you have against any rogue CA
>> among the zillions that may be present in your trusted CA-directory.
> If you don't / can't trust the CA - don't use it.
Frank Siebenlist franks at mcs.anl.gov
The Globus Alliance - Argonne National Laboratory
More information about the caops-wg