On Tue, May 19, 2020 at 12:38 PM sandybar497--- via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: > I actually submitted this post 6 days ago and was only just approved today.. > is there a lack of resources approving blog posts? just don't see how it's > helpful when posts show up so late.
It looks like you may be posting through Google Groups, which can cause moderation delays if you're not signed up through https://lists.mozilla.org/listinfo/dev-security-policy (Groups is largely Archives, with some mirroring for posting that can have hiccups, as you can see) Certainly, you can always report issues through Bugzilla, as noted at https://wiki.mozilla.org/CA/Incident_Dashboard , which doesn't have the same moderation queue. > As noted, I sampled the OCSP responder well after 24 hours and the cert had > not been revoked yet. I don't have a signed copy to share as i didn't save it > but I don't think it's necessary since it still took GoDaddy over 24 hours to > revoke. Not trying to suggest it's not the case, but these statements alone aren't necessarily enough to demonstrate non-compliance. Signed responses or other evidence are useful, especially when things are "on the cusp" > If you compare report timestamp with ocsp timestamp the difference is > approximately 28hrs and 48mins. Can you provide the original message with headers? Either to this or as an attachment to Bugzilla? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy