Hanno Böck via dev-security-policy <dev-security-policy@lists.mozilla.org> writes:
>More dotdot-certificates: Given how widespread (meaning from different CAs) these are, is there some quirk of a widely-used resolver library that allows them? I've done a bit of impromptu testing of various tools/bits of code but none of them seem to allow double-dot domain names, so I'm wondering why there's so many of them that no- one's ever caught, until now by explicitly searching for them. Peter. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy