<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Mar 19, 2015 at 4:50 PM, Eddy Nigg <span dir="ltr"><<a href="mailto:eddy_nigg@startcom.org" target="_blank">eddy_nigg@startcom.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span class="">
<br>
<div>On 03/20/2015 01:26 AM, Jeremy Rowley
wrote:<br>
</div>
<blockquote type="cite">
<div><span style="color:#1f497d"><u></u> <u></u></span><span style="color:#1f497d">Resurrection of this proposal was
brought up at the face-to-face, but there wasn’t significant
discussion there (since the topic was primarily about EV
wildcards, not DV)<u></u><u></u></span></div>
</blockquote>
<br></span>
Absolutely in favor - any responsible CA shouldn't issue domain
control validated certificates with wild cards. I'd like to see this
become a standard.</div></blockquote><div><br></div><div>And still vehemently opposed :)</div><div><br></div><div>Wildcards are the best chance the Internet has to moving to a secure world, and prohibiting or restricting them does nothing (from this browsers point of view) to improve security, and would actively harm TLS adoption.</div></div></div></div>