> We also need some way to restrict what certificates "less trustworthy" CAs can sign. Even if CNNIC is one day reinstated, I wouldn't want them to sign any certificate for any domain that doesn't end with .cn. Ditto for various other government-sponsored CAs, which my browser also seems to trust for whatever reason. Even if TLS as we know it has no mechanism to enforce such restrictions, nothing stops browsers from doing it on their own.
Aren't you asking for "name constraints" to be enforced? If they could do this, they could fix the whole CA fiasco, but actually delegating domains rather than have a system where Root CAs are trusted for all domains.
Yes, "name constraints" is what I was suggesting. (I vaguely remembered that there was something in the relevant standards that allow such constraints, but I couldn't remember the name and wasn't sure that it was actually in the standards. So I just tried to explain the idea.)
It does exist. Now do I trust the existing certificate validation code to do the right thing in all cases in presence of the extension? Not one second.
Aren't you asking for "name constraints" to be enforced? If they could do this, they could fix the whole CA fiasco, but actually delegating domains rather than have a system where Root CAs are trusted for all domains.