10 Oct
2005
10 Oct
'05
3:30 p.m.
David Chadwick writes:
AIA extensions that jump around missing links in the trust chain Its actually worse than that. Microsoft will actually trust and validate certificates that have names that do not conform to the name constraints Somewhere I have read a justification / method for this but have lost track.
I am still to find a justification for this :-)
I thought I had read something to the effect of it being used to help set up the path discovery, not suborn name constraints, but I admit I cannot find the reference. Maybe it's it in MSDN somewhere.