This year the CA/Browser Forum has put considerable discussion into the concept of "default deny." It's a philosophy for how to interpret potential ambiguities in existing guidelines for public certificates, and how you land on the default-deny question can have a significant impact on how you interpret the rules. Join our hosts as they describe this debate and its potential impact on public certificates.