Jean-Marc Desperrier wrote:
Michael Ströder a écrit :
[...]
A couple of days ago I've received a phishing spam e-mail with a
detailed description how to accept the new more secure EV cert of a
banking site. Obviously the goal was to trick the user to access a
phishing site. I didn't examine
On 14-Jan-09, at 6:06 PM, Ben Bucksch wrote:
On 14.01.2009 20:28, Johnathan Nightingale wrote:
On 14-Jan-09, at 2:03 PM, Ben Bucksch wrote:
Foundation must hold the end of the string that controls it all -
both legally (board etc.) and technically (domain ownership, repo
backup copy (which
On 15.01.2009 16:06, Johnathan Nightingale wrote:
I see. And what if, given that the foundation is a small entity with
few full time employees, they decided to contract out the management
of the technical side of things to, e.g., the Mozilla Corporation?
They are already doing that. I am not
Johnathan Nightingale wrote:
On 9-Jan-09, at 9:38 AM, Michael Ströder wrote:
Can OCSP still be disabled? Personally I have strong privacy concerns
since when checking for a server cert via OCSP the OCSP responder knows
which server you try to access (because the FQDN is in the server cert's
On Thu, 15 Jan 2009 17:23:53 +0100
Ben Bucksch ben.bucksch.n...@beonex.com wrote:
On 15.01.2009 16:06, Johnathan Nightingale wrote:
I see. And what if, given that the foundation is a small entity with
few full time employees, they decided to contract out the management
of the technical
ksreedha...@gmail.com wrote:
On Jan 14, 10:21 am, Glen Beasley glen.beas...@sun.com wrote:
Sreedhar Kamishetti wrote:
Hello,
I just started looking at JSS.
Can some one point me to the API provided by JSS for running Power Up
and Conditional Self Tests for various
Johnathan Nightingale wrote:
So, I will make the assertion that at least 80% of our users are not
going to benefit from the technical details we include in that error
message, and that while we could do another round of wording
improvements to try to finesse that, the issue goes deeper. 80%
Michael Ströder wrote, On 2009-01-15 08:23:
Johnathan Nightingale wrote:
You may also be interested in the work on OCSP-stapling, so that no
third party learns about your browsing, but you still get a CA-signed
OCSP response. The CAs are interested in this too, since it takes the
load
Eddy Nigg wrote:
On 01/05/2009 01:36 AM, Nelson B Bolyard:
3. I wonder if the non-developer topics are already within the scope of
another extant low-traffic list, namely dev-security (a.k.a.
mozilla.dev.security), except that I think the new list does not belong
in the dev hierarchy.
Nelson B Bolyard wrote:
3. I wonder if the non-developer topics are already within the scope of
another extant low-traffic list, namely dev-security (a.k.a.
mozilla.dev.security), except that I think the new list does not belong
in the dev hierarchy.
In an ideal world, it wouldn't, but it
On 15.01.2009 18:27, Reed Loden wrote:
Well, if you really want to go as far as to want mozilla.org's owner
to be MoFo, what do you say about the O= in the SSL certificate for
*.mozilla.org? The O= is currently Mozilla Corporation, rather than
Mozilla Foundation.
I don't care, myself. Not
11 matches
Mail list logo