Name Constraints, was Re: [caops-wg] Re: ca signing policy file
Cowles, Robert D.
rdc at slac.stanford.edu
Wed Oct 12 18:00:59 CDT 2005
But such "ageeemwnts" are just a way of encoding the CA in the
random number. What about number portability? If I have a
number from CA-1 are you saying I can't take that cert to
CA-2 and get a certificate from them?
BC
> -----Original Message-----
> From: Frank Siebenlist [mailto:franks at mcs.anl.gov]
...
> This means that when you allow multiple CAs to issue random
> numbers as
> names for subjects, those CAs should have some agreement that none of
> their fellow CAs should issue the same random number to a different
> person/entity. There are some technical solutions that could help to
> prevent collisions, but the main issue is one of policy conformance.
>
> -Frank.
More information about the caops-wg
mailing list