|
|
|
|
|
|
by freedomben
775 days ago
|
|
|
You're arguing against a strawman (an argument that nobody is making). > No one is saying wildcard certificates should be mandatory. Nor am I saying they shouldn't ever be used. You may interpret it differently, but to me: > Why? As I understand it, the domain owner can assign the name you “trust” to any server already. Might as well trust all names by that domain owner. Essentially means "default to a wildcard." My example is absolutely a good reason why you should not default to a wildcard. There are situations where they make good sense. I use them myself. It's a terrible idea to use them everywhere and always, which is usually what ends up happening when wildcard certs are the default approach. |
|
|