Wow.  I’m impressed.

Let’s Encrypt by their own declaration and by observed interactions in
their community help forums maintains a high value blacklist of domains.

It’s difficult to imagine how that list doesn’t include PayPal but did
include mail.ru.

Can you repeat that test with, say, microsoft.cologne?

Just testing a theory...

On Thursday, April 12, 2018, Peter Saint-Andre via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> On 4/12/18 9:17 PM, jomo via dev-security-policy wrote:
> >> I doubt Let's Encrypt would issue for paypal.any_valid_tld even if CAA
> would
> >> permit.
> >
> > https://paypal.cologne :)
>
> There's nothing like an existence proof to get one's attention. :-)
>
> Peter
>
> _______________________________________________
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to