[cabfpub] Localized CAs (was: Food for Thought)

Chris Palmer palmer at google.com
Wed Aug 29 19:04:31 UTC 2012


On Wed, Aug 29, 2012 at 9:23 AM, Hill, Brad <bhill at paypal-inc.com> wrote:

> Soft geographical/language zoning would allow a CA that only has ambitions to participate in a localized market to still have a no or extremely low friction experience for users in that market while greatly reducing the value of compromising that CA to adversaries outside that market.  DigiNotar only served the Dutch market.  There would've been little value to Iran in compromising it so it could target Persian speakers if such a mechanism were in place, even for a small percentage of browsers - as they could sound the alarm.

Would it as well as or better than name constraints? It seems harder
to get right than name constraints.



More information about the Public mailing list