Aberrant bits in certificates (location edition)

634 views
Skip to first unread message

Watson Ladd

unread,
Sep 11, 2024, 6:20:53 PMSep 11
to MDSP
Dear reader,

You would think that determining what country an organization is in is
an easy task. It isn't, as evinced by a long history of bugs across
CAs with doing this, two of which happen to be open now.

This raises a lot of questions. Do we really care about this
information? If so, can we rely on it in practice? If not, why is it
there to have bugs in it. Obviously for S/MIME the issues are a bit
different than Server Auth, but I think there is some overlap.

Sincerely,
Watson

--
Astra mortemque praestare gradatim

Suchan Seo

unread,
Sep 12, 2024, 6:39:03 PMSep 12
to dev-secur...@mozilla.org
sent it as private message by mistake, writeing it again;
there is possablity of someone else register same named company in different places.


2024년 9월 12일 목요일 오전 7시 20분 53초 UTC+9에 Watson Ladd님이 작성:
Reply all
Reply to author
Forward
0 new messages