Skip to Content.
Sympa Menu

cacert-policy - [CAcert-Policy] Requiring more information thoughts...

Subject: Policy-Discussion

List archive

[CAcert-Policy] Requiring more information thoughts...

Chronological Thread 
  • From: Duane <duane AT>
  • To: Policy-Discussion <cacert-policy AT>
  • Subject: [CAcert-Policy] Requiring more information thoughts...
  • Date: Wed, 25 May 2005 13:25:42 +1000
  • List-archive: <>
  • List-id: Policy-Discussion <>

One issue some people have stated is they worry about us issuing certificates for the likes of, currently we require people to have code signing access before issuing IDN/punycode domain/email certificates, and a suggestion has been made for a similar requirement for anyone requesting certificates for high profile sites.

One way to determine popularity is by sites like which give out rankings...

I guess the question is how popular must a site be if we want to enforce this, and over what time period?

The other concern I have is with educational institutions as a lot of depts run their own sub-domain but not the TLD, and this could be cause for concern if someone from the TLD started getting certs for other sub-domains they shouldn't and then intercepting traffic, and I have no idea what to do about this as it will potentially effect legit users one way or another...


Best regards,
 Duane - Free Security Certificates - Think globally, network locally - Telecommunications Freedom - Sell your photos over the net! - Using Enum.164 to interconnect asterisk servers

"I do not try to dance better than anyone else.
    I only try to dance better than myself."

Archive powered by MHonArc 2.6.16.

Top of Page