Back in 2010 all of our testing was manual. We've been investing in automated
testing over the last three years. Now we are focusing that effort on the new
Ballot 169 methods with a heightened awareness of false positives like this
one, and detection of potential vulnerabilities.
>
On 13/01/17 02:00, Ryan Sleevi wrote:
> Suggestion: "List of CA policy documents _and versions_"
Yes, good idea.
Gerv
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
On 13/01/17 01:56, Ryan Sleevi wrote:
> Notably, 1.3.7 also has IP encumbrances - and uncertainty - the same
> as 1.4.1, so presumably, Mozilla is OK with having encumbered methods
> included. Considering some of these exclusions have existed since the
> BR's adoption, that doesn't seem an
On 13/01/17 17:10, Fred Emmott wrote:
> In January 2010, I reported two issues to GoDaddy, with an example
> certificate that should have been rejected: - their website-based
> authentication required a request to an URL including a random string
> to include the same random string.
Reading
4 matches
Mail list logo