Confirmed users, Administrators
5,526
edits
CA/Root Store Policy Archive: Difference between revisions
Jump to navigation
Jump to search
→Items that belong in the Potentially Problematic Practices Wiki Page
| Line 41: | Line 41: | ||
=== Items that belong in the Potentially Problematic Practices Wiki Page === | === Items that belong in the Potentially Problematic Practices Wiki Page === | ||
* | Items that may belong in the [[CA:Problematic_Practices | Potentially Problematic Practices]] wiki page. | ||
* Long-lived DV certificates | |||
* Wildcard DV SSL certificates | |||
* Email Address Prefixes for DV Certs | |||
* Delegation of Domain / Email validation to third parties | |||
* Issuing end entity certificates directly from roots | |||
* Allowing external entities to operate subordinate CAs | |||
* Distributing generated private keys in PKCS#12 files | |||
* Certificates referencing hostnames or private IP addresses | |||
* Issuing SSL Certificates for Internal Domains | |||
* OCSP Responses signed by a certificate under a different root | |||
* CRL with critical CIDP Extension | |||
* Generic names for CAs | |||
* Lack of Communication With End Users | |||