On Fri, Feb 26, 2016 at 06:22:22AM -0800, Christoph Klein wrote: > To prevent future problems with values in the certficate fields, we have > implemented another layer of cross checks after the issuing of the > certificate.
Shouldn't you be doing the checking *before* you issue the certificate? It seems wasteful and risky to issue the certificate and only then make sure it should have been issued before sending it to the customer. - Matt _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
