On Thu, Dec 27, 2018 at 8:43 PM Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> So absent a bad CA, I wonder where there is a rule that subscribers
> should be ready to quickly replace certificates due to actions far
> outside their own control.
Consider the
On Sat, Dec 29, 2018 at 06:26:09PM -0500, Lee via dev-security-policy wrote:
> On 12/29/18, Ryan Sleevi wrote:
> > On Sat, Dec 29, 2018 at 10:24 AM Lee wrote:
> >
> >> > It does not seem like a productive discussion will emerge if the
> >> > ontology
> >> > is going to be honest/dishonest partici
On Sat, Dec 29, 2018 at 02:40:10PM -0800, Lewis Resmond via dev-security-policy
wrote:
> I am not 100% sure, but I have read that underscores can exist in domain
> names:
> https://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
Correct, but irrelevant for
On 12/29/18, Ryan Sleevi wrote:
> On Sat, Dec 29, 2018 at 10:24 AM Lee wrote:
>
>> > It does not seem like a productive discussion will emerge if the
>> > ontology
>> > is going to be honest/dishonest participants.
>>
>> I think it's an excellent distinction. An honest subscriber won't
>> delibe
I am not 100% sure, but I have read that underscores can exist in domain names:
https://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
In another thread of this newsgroup, I saw a list of certificates to be revoked
because of the underscore issue. And they
On Sat, Dec 29, 2018 at 10:24 AM Lee wrote:
> > It does not seem like a productive discussion will emerge if the ontology
> > is going to be honest/dishonest participants.
>
> I think it's an excellent distinction. An honest subscriber won't
> deliberately attempt to spread malware. But I like
On 29/12/2018 15:32, Ryan Sleevi wrote:
> On Fri, Dec 28, 2018 at 11:21 PM Jakob Bohm via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>>> My guess is all CAs have something like
>>> https://www.digicert.com/certificate-terms/
>>> 15. Certificate Revocation. DigiCert
On 12/29/18, Ryan Sleevi via dev-security-policy
wrote:
> On Fri, Dec 28, 2018 at 11:21 PM Jakob Bohm via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> > My guess is all CAs have something like
>> >https://www.digicert.com/certificate-terms/
>> > 15. Certificate Re
On 12/28/18, Jakob Bohm via dev-security-policy
wrote:
> On 28/12/2018 19:44, Lee wrote:
>> On 12/27/18, Jakob Bohm via dev-security-policy
>> wrote:
>>> Looking at the BRs, specifically BR 4.9.1, the reasons that can lead
>>> to fast revocation fall into a few categories / groups:
>> <.. sn
On Fri, Dec 28, 2018 at 11:21 PM Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> > My guess is all CAs have something like
> >https://www.digicert.com/certificate-terms/
> > 15. Certificate Revocation. DigiCert may revoke a Certificate without
> > notice fo
10 matches
Mail list logo