|
|
|
|
|
|
by xnyhps
3351 days ago
|
|
|
I think github.io is a good example of where this can be very useful. Users have a lot of control over the content of their pages, but it is undesirable to allow them to get a cert for username.github.io. Previously the only defense would be to block all files or content that could be used for domain validation or specific blacklisting by all CAs. Now GitHub can just say "no one can generate certs for this domain". |
|
|