The Microsoft Volume Licensing Service Center (VLSC) is definitely affected, at
least from my recent experience - i've been struggling with their service for
the past week because the email address validations from Microsoft VLSC seem to
be intercepted/blocked somewhere - i'm having difficulties validating the
postmaster address as business address for VLSC access because the email from
their servers is simply not even delivered to me - from my mail server's point
of view it looks like a classic hijack - my mail server doesn't see even the
slightest attempt at a TCP/25 IPv4 connection from their mail servers.
If anyone from Microsoft is following this thread, please look into support
issue
"VLS Ref: C 6495613 / VLSC access" - most of it is unrelated to the BGP routing
issue, but the email address validation part might be related.
~~~~
Adrian R.
On 15.12.2017 06:16, Matthew Hardeman wrote:
Has anyone started looking into CA issuances -- or even more importantly -- CA
domain validations performed successfully and yet without issuing a certificate
(say, wanting to cache the validation) for the brief periods in which much of
the internet saw alternative target destinations for a great deal of high value
organization IP space?
For those CAs with workflows which allow for expressly requesting a domain
validation but not necessarily requiring that it be immediately utilized (say,
for example LetsEncrypt or another CA running ACME protocol or similar) it
might be of interest to review the validations performed successfully during
those time windows.
Additionally, it may be of value for various CAs to check their issuances upon
domain validation for those periods.
You can find the time periods and details about some of the IP space hijacked
at bgpmon.net
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy