在 2016年9月13日星期二 UTC+8下午7:12:22,Matt Palmer写道: > On Mon, Sep 12, 2016 at 08:38:00PM -0700, Han Yuwei wrote: > > 在 2016年9月13日星期二 UTC+8上午8:07:31,Matt Palmer写道: > > > If Cloudflare *was*, in fact, obtaining certificates on behalf of all its > > > DNS-using (only) customers on the "off chance" that they might want to use > > > their proxy services in the future, that would be extremely creepy and > > > unpleasant, but so far I don't think there's enough evidence to be able to > > > say such a thing is happening at present. It seems far more likely that > > > bupt.moe was a Cloudflare proxy customer (if only for a *very* brief > > > time), > > > the certificate was issued for that purpose, and now the domain has been > > > pointed elsewhere, and the name is just hanging around in a cert which > > > will > > > expire in six months or so. > > > > I am the owner of BUPT.MOE and I just use DNS service. > > And you've never ticked (or unticked[1]) the little "cloud" icon to the > right of *any* record in bupt.moe? > > - Matt > > [1] I took a support request today for a "DNS only" Cloudflare customer, and > it appeared that their root record was being passed through Cloudflare. I > haven't heard back as to whether someone at their end knowingly enabled it, > but there's the possibility that Cloudflare automagically enables proxying > by default -- which is deplorable, IMO, from a user experience perspective, > but not something that is relevant from an SSL perspective. > > -- > The main advantages of Haynes and Chilton manuals are that they cost $15, > where the factory manuals cost $100 and up, and that they will tell you how > to use two hammers, a block of wood, and a meerkat to replace "special tool > no. 2-112-A" -- Matt Roberds in asr.
Maybe I ticked it by accident. And I don't remember it.But I think it is better to notice me that Cloudflare is going to apply the certificate. StartCom send a email to my mailbox which registered in WHOIS saying that a certificate of my domain is issued. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
