![(please configure the [header_logo] section in trac.ini)](https://www.ietf.org/images/ietflogotrans.gif)
Opened 11 years ago
Closed 10 years ago
#10 closed defect (fixed)
note that end-entity certs can be dristrib'd to http clients ?
| Reported by: | jeff.hodges@… | Owned by: | =JeffH |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | strict-transport-sec | Version: | |
| Severity: | Active WG Document | Keywords: | |
| Cc: |
Description
http://www.ietf.org/mail-archive/web/websec/current/msg00306.html
Subject: Re: [websec] Decouple HSTS's two orthogonal effects?
From: Adam Barth <ietf@…>
Date: Tue, 29 Mar 2011 14:35:58 -0700
To: Tom Ritter <tom@…>
Cc: websec@…
<snip/>
Also Section 9 recommends distributing root CA certs to users'
browsers, and does not mention the possibly of distributing the leaf
certs instead. Less related, but I prefer to trust organizations leaf
certs individually than their root cert.
I don't have a problem with also recommending leaf certs, but you
should check with =JeffH.
Adam
Change History (1)
comment:1 Changed 10 years ago by jeff.hodges@…
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
