在 2016年12月20日星期二 UTC+8下午8:21:33,Tom写道: > According to The Uniform Domain-Name Dispute-Resolution Policy, > letsencrypt.cn seem use in bad faith. > > On December 20, 2016 2:45:47 PM GMT+08:00, "谭晓生" <[email protected]> wrote: > >It is ICP license you talked about, you can find some information here: > >https://support.cloudflare.com/hc/en-us/articles/209714777-ICP-FAQ > > > >It is almost impossible to register a .cn or .com.cn domain in China > >for a foreign company which do not have a legal entity in China, > >legally. > >The websites will be blocked for access by the ISP/Telco if the > >websites were hosted in China but do not have valid ICP licenses or > >even the IPs have not been registered to the government. if it is not > >that hard before, but it has more and more regulatory polices. > > Yep. As far as I known, it must use the service of one of Chinese hosting > providers. Therefore, .cn domain name must point to Chinese IP adress. > > On December 19, 2016 3:54:43 PM GMT+08:00, Han Yuwei <[email protected]> > wrote: > >Since letsencrypt.org is very famous, I think the best way is to > >redirect letsencrypt.com.cn and letsencrypt.cn to letsencrypt.org > > And, It is disallowed redirecting to the website which haven't ICP license. > > [email protected] wrote: > >For Letsencrypt, if you want to own the .cn or .com.cn domain legally, > >think of to set a legal entity in China. > > I don't think it's a good idea. It may will take much time and money for > organization. And I think that Chinese government is not friendly to foreign > companies/organizations.
.cn can use CNAME redirect and don't required to point to a Chinese IP address. ICP is for *host* not for domain. I think this is out of m.d.s.p's scope. Maybe we can leave this to Letsencrypt and Wosign. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
