Comment 2 for bug 1492905
Revision history for this message
| Stanislaw Pitucha (stanislaw-pitucha) wrote | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
If Anchor uses a CA with NameConstraints extension that specifies it's valid for ".example.com", then it should sign "name.example.com", but refuse "name.example.net". The ".net" certificate wouldn't be valid anyway, so this should be independent of what the user-defined validators say.