by alcari 3583 days ago
I wish we lived in a world where X.509 name constraints[0] were actually useful, but unfortunately we don't, and I think getting browsers (never mind other TLS clients) to enforce them is even less likely than the various root stores revoking known-bad CAs.

[0]: https://tools.ietf.org/html/rfc5280#section-4.2.1.10

1 comments

We're closer than we used to be. I think Apple is the only remaining major holdout that doesn't handle name-constraints.