On 26/09/16 10:07, Gervase Markham wrote: > Hi Rob, > > On 23/09/16 16:18, Rob Stradling wrote: >> BTW, I also found certs containing the following ICANN suffixes (i.e., >> PSL+0), some of which may be of interest: > > Are these in the PUBLIC or PRIVATE section of the PSL?
(s/PUBLIC/ICANN) A mixture... WoSign: PRIVATE: cloudapp.net PRIVATE: github.io PRIVATE: qa2.com ICANN: kuzbass.ru StartCom: ICANN: astrakhan.ru PRIVATE: chirurgiens-dentistes-en-france.fr PRIVATE: (and *.chirurgiens-dentistes-en-france.fr) ICANN: chita.ru ICANN: (and *.chita.ru) PRIVATE: duckdns.org PRIVATE: goip.de ICANN: gouv.ci ICANN: gov.sc ICANN: ivanovo.ru ICANN: karelia.ru ICANN: lipetsk.ru PRIVATE: logoip.com PRIVATE: logoip.de ICANN: net.tj PRIVATE: nsupdate.info PRIVATE: realm.cz PRIVATE: sandcats.io ICANN: tsk.ru ICANN: uem.mz > CAs are, with > appropriate caution, not constrained from issuing certificates for PSL > entries in the PRIVATE section. (E.g. Google may want to provide SSL to > all appspot apps with a *.appspot.com certificate.) > > Gerv -- Rob Stradling Senior Research & Development Scientist COMODO - Creating Trust Online _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
