by 8organicbits 679 days ago
Yes! Context-specific CA trust would be great, but AFAIK isn't possible yet. Even name constraints, which are domain name limitations a CA or intermediate cert places on itself, are slowly being supported by relevant software [1].

As a contractor, I'll create a per-client VM for each contract and install any client network CAs only within that VM.

[1] https://alexsci.com/blog/name-non-constraint/