[cabfpub] [cabfman] Deceptive SSL cert issued for fake Chase domain

Gervase Markham gerv at mozilla.org
Wed Sep 11 12:39:51 UTC 2013


On 11/09/13 12:25, Ryan Sleevi wrote:
> Given the number of new gTLDs being approved, many of which are common
> English words, I don't feel that this 'common sense' approach actually
> provides benefits.

That is true. Perhaps it would be better for a CA to check for any of
its "high value domain list" as a substring of the requested string.

I agree that CAs should not be held solely responsible here, but this
seems like a fairly simple addition (given that they are already
checking for equality with the high value list!) that would have
reasonably few false positives.

Gerv
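
The check proposed in the message above, sketched as an added example (not code from the thread or from any CA): the existing equality test against a high-value list, followed by the substring test. The list contents, the request names, the choice of the leftmost label as the search string, and the separator stripping are all assumptions made for illustration.

```python
# Constructed sample list; a real CA maintains its own high-value domain list.
HIGH_VALUE_DOMAINS = ["chase.com", "paypal.com"]


def normalize(name):
    """Lowercase; strip whitespace, a trailing dot and a leading wildcard label."""
    name = name.strip().lower().rstrip(".")
    return name[2:] if name.startswith("*.") else name


def keyword(domain):
    """Assumption: the string to search for is the listed domain's leftmost label."""
    return normalize(domain).split(".")[0]


def screen(requested, high_value=HIGH_VALUE_DOMAINS):
    """Return (verdict, matched list entries) for one requested certificate name.

    'exact'     -> the name equals a listed domain or is a subdomain of one
    'substring' -> a listed keyword occurs anywhere in the name: manual review
    'clear'     -> no match
    """
    req = normalize(requested)
    exact = [d for d in high_value
             if req == normalize(d) or req.endswith("." + normalize(d))]
    if exact:
        return "exact", exact
    # Assumption beyond the message: drop separators so that "pay-pal"
    # or "pay.pal" cannot split a keyword and slip past the check.
    squashed = "".join(c for c in req if c.isalnum())
    hits = [d for d in high_value if keyword(d) in squashed]
    return ("substring", hits) if hits else ("clear", [])


if __name__ == "__main__":
    # Constructed request names, not taken from any real issuance.
    for name in ["chase.com", "*.Chase.com.", "secure-chase-login.example",
                 "chase.example", "pay-pal.example",
                 "purchase-orders.example", "example.org"]:
        print(f"{name:28} {screen(name)}")
```

A "substring" verdict here means the request is routed to manual review rather than rejected; "purchase-orders.example" shows the kind of name that review would clear.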


