[cabfpub] SRV Ballot

Kurt Roeckx kurt at roeckx.be
Tue Jun 14 21:44:00 UTC 2016


On Fri, Jun 10, 2016 at 05:28:04PM +0000, Jeremy Rowley wrote:
> 
> c)      For an IP address entry, the CA MUST verify the entry in accordance
> with Section 3.2.2.5 or has been granted the right to use it by the Domain
> Name Registrant or IP address assignee, as appropriate. Wildcard FQDNs are
> permitted.

An IP address that has a "Wildcard FQDN"?  This isn't making much
sense.

> As exceptions to RFC5280 and X.509, dNSName entries MAY contain Wildcard
> Domain Names, and FQDNs and Wildcard Domain Names MAY contain the underscore
> character ("_") in any location where the hyphen character ("-") is allowed.

I would really suggest that instead of adding exceptions to a
standards that you instead fix the standards, if needed.  As someone
who implements the standards, I can be strict in implementing what
it says that's allowed, and the BRs are not going to override that.



Kurt




More information about the Public mailing list