by yrro 2317 days ago
Do real-world HTTPS clients actually verify the end entity certificate against the name constraints of all the certificates in the trust chain?
3 comments

Yes, they do. The extension should be marked as critical, so if the client does not understand it, it should error out. At least Java, Go, curl and all major browsers support it.
I believe clients that don't support the name constraints extension won't pass certificate chain verification should the root, intermediate or certificate itself have a name constraint defined.
Good question. I'm guessing that modern browsers such as Google Chrome and Firefox do. When it comes to agents such as wget, curl, mstsc.exe, etc., then I'm not so sure.