[cabfpub] [cabfman] Deceptive SSL cert issued for fake Chase domain

Gervase Markham gerv at mozilla.org
Wed Sep 11 02:57:06 MST 2013


On 10/09/13 20:39, Eddy Nigg (StartCom Ltd.) wrote:
> From time to time we get requests for certificates that contain possible
> domains within the host name, for example:
> 
> /domain.com.dom.net/

I think that if a requested domain name has a public suffix somewhere
within it other than at the end (obviously), CAs might want to flag that
request for manual review.

Certainly if "paypal" shows up as a domain component!

Gerv


More information about the Public mailing list