On 04/04/2017 22:25, Doug Beattie wrote:
-Original Message-
From: dev-security-policy [mailto:dev-security-policy-
bounces+doug.beattie=globalsign@lists.mozilla.org] On Behalf Of Nick
Lamb via dev-security-policy
I have a question: These certificates appear to be not only forbidde
> -Original Message-
> From: dev-security-policy [mailto:dev-security-policy-
> bounces+doug.beattie=globalsign@lists.mozilla.org] On Behalf Of Nick
> Lamb via dev-security-policy
>
> I have a question: These certificates appear to be not only forbidden by the
> BRs
> but also techn
On Tuesday, 4 April 2017 16:31:10 UTC+1, douglas...@gmail.com wrote:
> How this happened:
Thanks Doug,
I have a question: These certificates appear to be not only forbidden by the
BRs but also technically unlikely to function as desired by the subscriber. Did
any customers report problems whic
On 04/04/17 16:31, douglas.beat...@gmail.com wrote:
> Attachment was stripped, here it the content:
Thanks Doug.
Unless anyone sees something particularly problematic here, I think we
can call this incident closed.
Gerv
___
dev-security-policy mailing
Attachment was stripped, here it the content:
GlobalSign BR violation: EV Certificate with dNSName containing a space
On February 26, 2017, we received a report that there were multiple SANs in an
EV SSL Certificate that contained a space within it. Spaces are not permitted
characters, per
On Tuesday, April 4, 2017 at 8:19:28 AM UTC-7, Doug Beattie wrote:
> Here is the incident report for this reported issue.
I don't see anything attached or linked?
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mo
rsday, March 16, 2017 6:57 AM
> To: D B ; mozilla-dev-security-
> pol...@lists.mozilla.org
> Subject: Re: GlobalSign BR violation
>
> On 28/02/17 20:02, douglas.beat...@gmail.com wrote:
> > And lastly this ticket. The Domain name was validated in accordance
> > with the BR
On 28/02/17 20:02, douglas.beat...@gmail.com wrote:
> And lastly this ticket. The Domain name was validated in accordance
> with the BRs, but there was a bug that allowed a user entered space
> to be included in some of the SAN values. While the value is not
> compliant with RFC 5280 or the BRs,
On 28/02/17 20:02, douglas.beat...@gmail.com wrote:
> Suspicious Test certificate
> https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/-gaS1p3vrXc
>
> I provided a formal response in that thread that I believe closes
> this issue.
I still have an outstanding question.
> And last
On Tue, Feb 28, 2017 at 12:02 PM, douglas.beattie--- via
dev-security-policy wrote:
> Ryan,
>
> GlobalSign certificate issuance has been referenced in several different
> threads recently and I think most of them are closed; however, if you feel
> otherwise, let me know.
>
Hi Doug,
Right, I rea
Ryan,
GlobalSign certificate issuance has been referenced in several different
threads recently and I think most of them are closed; however, if you feel
otherwise, let me know.
Suspicious Test certificate
https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/-gaS1p3vrXc
I provide
On Tue, Feb 28, 2017 at 8:53 AM, douglas.beattie--- via dev-security-policy
wrote:
>
> Yes, we're working to do just this now.
While that's good and well, I do hope GlobalSign will produce an incident
report regarding this matter, as to how the situation in
https://groups.google.com/d/msg/mozil
On Monday, February 27, 2017 at 4:05:09 PM UTC-5, Jakob Bohm wrote:
> On 27/02/2017 01:53, Itzhak Daniel wrote:
> > How those lines are parsed? what happens when a client reaches a
> > whitespace? Will this allow 'vietnamairlines.com' to use 'owa', 'mail' and
> > 'autodiscover' in their internal
On 27/02/2017 01:53, Itzhak Daniel wrote:
How those lines are parsed? what happens when a client reaches a whitespace?
Will this allow 'vietnamairlines.com' to use 'owa', 'mail' and 'autodiscover'
in their internal infrastructure?
Programs don't parse the text lines from the crt.sh website.
On Monday, 27 February 2017 00:53:46 UTC, Itzhak Daniel wrote:
> How those lines are parsed? what happens when a client reaches a whitespace?
> Will this allow 'vietnamairlines.com' to use 'owa', 'mail' and 'autodiscover'
> in their internal infrastructure?
Because they're dnsNames a correctly
How those lines are parsed? what happens when a client reaches a whitespace?
Will this allow 'vietnamairlines.com' to use 'owa', 'mail' and 'autodiscover'
in their internal infrastructure?
___
dev-security-policy mailing list
dev-security-policy@lists.
On Sat, Feb 25, 2017 at 11:22:18AM -0800, Roland Bracewell Shoemaker via
dev-security-policy wrote:
> It appears GlobalSign has issued an EV certificate containing dNSNames
> which include spaces which are non-valid DNS characters. This is a
> violation of CABF Baseline Regulations Sections 7.1.4.
It appears GlobalSign has issued an EV certificate containing dNSNames
which include spaces which are non-valid DNS characters. This is a
violation of CABF Baseline Regulations Sections 7.1.4.2.1. and
presumably 3.2.2.4. since there is no way to confirm control of a
non-valid DNS name.
Pre-certifi
18 matches
Mail list logo