On Sunday, January 21, 2018 at 1:42:59 PM UTC-8, Ryan Hurst wrote:
> On Sunday, January 21, 2018 at 1:29:58 PM UTC-8, s...@gmx.ch wrote:
> > Hi
> >
> > Thanks for investigating.
> >
> > I can confirm that the service is now working again for me most of the
> > time, but some queries still fail (m
On Sunday, January 21, 2018 at 1:29:58 PM UTC-8, s...@gmx.ch wrote:
> Hi
>
> Thanks for investigating.
>
> I can confirm that the service is now working again for me most of the
> time, but some queries still fail (may be due load balancing in the
> backend?).
>
Thank you for your report and co
Hi
Thanks for investigating.
First of all, my previously curl command is not suitable to verify a
OCSP status. It only works for OCSP stapling which is not supported by
Google servers.
You may use openssl ocsp instead:
openssl ocsp -issuer [GoogleInternetAuthorityG2.crt] -cert
[googlecom.crt] -ur
On Sun, Jan 21, 2018 at 4:00 PM Hanno Böck via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Hi,
>
> On Sun, 21 Jan 2018 12:09:23 -0800 (PST)
> Ryan Hurst via dev-security-policy
> wrote:
>
> > We maintain contact details both within our CPS (like other CAs) and
> > at htt
On Sun, Jan 21, 2018 at 2:08 PM David E. Ross via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On 1/21/2018 9:50 AM, Ryan Sleevi wrote:
> > I couldn’t find that listed in the CP/CPS as where to report problems.
> > Instead, I see a different email listed.
> >
> > What made
Hi,
On Sun, 21 Jan 2018 12:09:23 -0800 (PST)
Ryan Hurst via dev-security-policy
wrote:
> We maintain contact details both within our CPS (like other CAs) and
> at https://pki.goog so that people can reach us expeditiously. In the
> future if anyone needs to reach us please use those details.
I
> > Is there a known contact to report it (or is someone with a Google hat
> > reading this anyway)?
>
David,
I am sorry you experienced difficulty in contacting us about this issue.
We maintain contact details both within our CPS (like other CAs) and at
https://pki.goog so that people can re
>
> We are investigating the issue and will provide a update when that
> investigation is complete.
>
> Thank you for letting us know.
>
> Ryan Hurst
> Product Manager
> Google
I wanted to provide an update to the group. The issue has been identified and a
roll out of the fix is in progress
On 1/21/2018 9:50 AM, Ryan Sleevi wrote:
> I couldn’t find that listed in the CP/CPS as where to report problems.
> Instead, I see a different email listed.
>
> What made you decide to ignore the CP/CPS, which is where CAs list their
> problem reporting mechanisms?
>
> Given that a CA’s CP/CPS ap
On Sun, Jan 21, 2018 at 11:12 AM David E. Ross via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On 1/21/2018 7:47 AM, Paul Kehrer wrote:
> > Is there a known contact to report it (or is someone with a Google hat
> > reading this anyway)?
>
> On Friday (two days ago), I rep
On Sunday, January 21, 2018 at 8:13:30 AM UTC-8, David E. Ross wrote:
> On 1/21/2018 7:47 AM, Paul Kehrer wrote:
> > Is there a known contact to report it (or is someone with a Google hat
> > reading this anyway)?
>
> On Friday (two days ago), I reported this to dns-ad...@google.com, the
> only E-
On 1/21/2018 7:47 AM, Paul Kehrer wrote:
> Is there a known contact to report it (or is someone with a Google hat
> reading this anyway)?
On Friday (two days ago), I reported this to dns-ad...@google.com, the
only E-mail address in the WhoIs record for google.com.
I received an automated reply in
I can confirm that the endpoint embedded in the certificate (
http://clients1.google.com/ocsp) is giving a 404 to OCSP requests at this
time. crt.sh's OCSP monitoring page also shows this.
-Paul
On January 21, 2018 at 9:07:48 AM, sjw--- via dev-security-policy (
dev-security-policy@lists.mozilla.
Hi
Google delivers the certificate [1] to me, for *.google.com,
*.youtube.com and other major services.
However, the OCSP service [2] does not work for me. I verified this from
multiple locations, machines, OSes and versions of Firefox. Furthermore,
I used SSL Labs [3] and the status on crt.sh [1]
14 matches
Mail list logo