[cabfpub] ICANN, gTLD, internal names
Geoff Keating
geoffk at apple.com
Fri Mar 15 15:27:27 MST 2013
One thing that does affect CAs is that if a heavily used internal TLD like .corp is made global, then there's still the possibility of conflict between an internal CA and a cert that a global CA issues.
For example, suppose Widgets Inc. uses widget.corp internally. They have an internal CA and have issued a cert to www.widget.corp. Now suppose ICANN allocates .corp and someone else registers widget.corp. Even after 2016, that someone else can get a cert from a CABforum CA for www.widget.corp (since they own it) and then use that cert to attack Widgets Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4316 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20130315/8519b504/attachment.bin
More information about the Public
mailing list