Wosign's Issue mechanism is high risking for large enterprise. This is one prove:
https://gist.github.com/xiaohuilam/8589f2dfaac435bae4bf8dfe0984f69e Alicdn.com is the cdn asset domain name of Taobao/tmall who belong to alibaba, which are Chinese biggest online shopping websites. With the fake cert's middle man attack, password stealing, information leaking... _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
