Y
Hacker News
new
|
ask
|
show
|
jobs
by
fomine3
1911 days ago
Issuing CA cert with Name Constraints is good, but end user should recognize the certificate is constrained to their domains or not.
1 comments
midasuni
1911 days ago
The end user should be able to choose the domains the root is valid for - regardless of x509 name constraints.
link