1. How do I cite the CABFORUM WebPKI set of anchors. Does it have a clear name? (Because it's not identical on all platforms/browsers/libraries).
2. An attack where CA B (mistakenly) issues a certificate for corp.example, when it should have been CA A is called... ??? I know it as Comodo-Gate. https://www.theregister.com/2011/03/30/comodo_gate_latest/ But, is there a less name-branded name for this attack? (And what can I cite?) This is for a Security Considerations for anima-brski-cloud, where I would like to argue for minimizing the number of trust anchors shipped with devices. With the tradeoff against flexibility. -- Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Uta mailing list -- uta@ietf.org To unsubscribe send an email to uta-le...@ietf.org
