On Thu, Mar 9, 2017 at 2:08 PM, Ilari Liusvaara
wrote:
> On name constraints, name-constraining a wildcard certificate (e.g.
> to "redact" data from CT) could be useful to avoid default-vhost
> attacks against HTTP servers (there are lots of servers that
> are misconfigured). Especially in HTTP/2
On Thu, Mar 09, 2017 at 04:50:24PM +, Subodh Iyengar wrote:
> Based on the comments during the last TLS WG meeting and the
> comments on the list, we've revised and submitted a new version
> of delegated credentials
> https://www.ietf.org/id/draft-rescorla-tls-subcerts-01.txt.
>
> This has s
