[nycbug-talk] Top Level Domain SSL Certificates
Brian A. Seklecki
lavalamp at spiritual-machines.org
Fri Feb 29 11:55:02 EST 2008
On Fri, 29 Feb 2008, Matt Juszczak wrote:
> Hopefully this isn't going too off topic:
>
> One of my customers is interested in getting an SSL cert for his entire
> domain name (IE: *.bar.com instead of foo.bar.com).
Yea I've played this game. Its stacked pretty well.
IE6 only honors one subdomain in wildcard certificates.
FF2.x honors a true wildcard.
EV certs only support one CN= and one subjAltName= value, if you're lucky.
No wildcards available. Grab your socks and pull. ~BAS
>
> Other than being more expensive, and in my opinion not the best idea
> security wise, what are other pros/cons? Does anyone have any experience?
> Do these work well?
More information about the talk
mailing list