On 06/03/2016 09:13 AM, Nikos Mavrogiannopoulos wrote:
If you are of the types who like tinkering, here is a way to restrict CA certificates in your Fedora on specific domains. Currently limited to gnutls applications. http://nmav.gnutls.org/2016/06/restricting-scope-of-ca-certificates.html
Is there also a way to do the opposite, that is, list which CAs are permitted to issue certificates for certain parts of the DNS tree?
Thanks, Florian -- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/security@xxxxxxxxxxxxxxxxxxxxxxx
