On 18/12/2018 16:41, Ryan Sleevi wrote: > On Tue, Dec 18, 2018 at 7:41 AM Rob Stradling wrote: > On 14/12/2018 21:06, Wayne Thayer via dev-security-policy wrote: > <snip> > > I think it;s worth calling out that Let's Encrypt has implemented > what > > appears to be a relatively simple mitigation: > > > > https://community.letsencrypt.org/t/edns-buffer-size-changing-to-512-bytes/77945 > > Sectigo implemented this same mitigation about a month ago. > > > Like Let's Encrypt, is there any data Sectigo can share regarding the > impact it has had on operations? Or has it been so negligible as to not > notice?
Hi Ryan. We've not noticed any difference. > It's rather encouraging to hear another CA has deployed this, seemingly > successfully, and having data that shows the impact helps make informed > decisions about whether attempting to mandate through policy - whether > Mozilla or the CA/Browser Forum - would have any negative effects, given > the positive effects it seems to have. -- Rob Stradling Senior Research & Development Scientist Sectigo Limited _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
