* Michael Stone: > On Tue, Feb 08, 2005 at 10:59:44PM +0100, Florian Weimer wrote: >>Uh-oh. No. It appears if someone has paid a few bucks to someone >>else. This has got nothing to do with names, they are not verified by >>most CAs. > > The name is what associates a CA signature with a site. They're not > signing the IP number.
The CA does not check that the certificate owner is also the owner of the name (think trademark). Therefore, it does not matter much what the CA signs. In this case, the CA signed the Punycode version of the domain name. It would probably sign ebay.biz (or ebay.info) as well, if the domain name owner had asked. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
