Hello all,
On 11/25/2015 05:13 AM, Paul Millar wrote:
> I was wondering whether people have considered services running on
> a port other than port 443; in particular, ports greater than
> 1024.
I'm also somewhat concerned about this, I've read statements like this
when talking about port 443:
On Wed, Nov 25, 2015 at 9:14 AM, moparisthebest
wrote:
> Hello all,
>
> On 11/25/2015 05:13 AM, Paul Millar wrote:
> > I was wondering whether people have considered services running on
> > a port other than port 443; in particular, ports greater than
> > 1024.
>
> I'm
On 25 November 2015 at 02:13, Paul Millar wrote:
> Therefore, there seems no reason to limit ACME to the traditionally secure
> port number.
I would be OK with having an ACME server validate against any port,
but only if it were going to issue a certificate with a
The argument for a scan is not that it will be comprehensive.
There's a huge amount of software out there that has started using
various ports in standard and non-standard ways; the more software
happens to use a given port, the more risk of remote attacks on ACME DV
via quirks or bugs in that
I am getting really nervous about allowing any port other than 443.
I just did a scan of a very recent clean install of Windows and there are a
*TON* of Web servers running for apps that didn't mention they had one.
The thing is that if I am running a process on any sort of shared host, I
can
It's an issue with shared hosting where users have shell access but no root
access.
2015-11-24 17:49 GMT+01:00 Eliot Lear :
> Yes, thanks, Yoav. Apologies to Randy and Kathleen for my terseness.
>
> Eliot
>
>
> On 11/24/15 5:46 PM, Yoav Nir wrote:
> > I think Eliot meant RFC
Am 25.11.2015 um 18:28 schrieb moparisthebest:
A domain validated certificate doesn't and never has said "This entire
machine is controlled solely by the domains specified in this
certificate", instead it says "This particular service/port on this
server is authorized by this domain to provide
Hi,
[apologies if this question duplicates the earlier thread "Issue: Allow
ports other than 443"]
I was wondering whether people have considered services running on a
port other than port 443; in particular, ports greater than 1024.
One particular use-case is that some services run on a