On 22/12/16 14:30, Tom Delmas wrote:
> There are other mechanisms. But hard to use, especially between
> countries. As a Firefox user,
> I expect that CA trusted by Firefox are clearly identifiable and
> distinguishable from each others.
If CAs ever did something specific to Firefox or the root
+richard=wosign@lists.mozilla.org] On
Behalf Of Tom Delmas
Sent: Thursday, December 22, 2016 10:30 PM
To: Gervase Markham <g...@mozilla.org>
Cc: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: wosign and letsencrypt.cn / letsencrypt.com.cn
Hi Gerv,
> It's never come up. But I
Hi Gerv,
> It's never come up. But I think we would be reluctant to intervene;
Thank you for that answer. I understand it.
> there are other mechanisms for sorting out such disputes, and it's not
> our job to interpret or enforce trademark law or domain name dispute
> resolution law.
There are
On 21/12/16 12:42, tdel...@gmail.com wrote:
> I think Mozilla still doesn't answer my first question:what is the
> position of Mozilla regarding CA that act in bad faith regarding the
> usage of the names associated with others CA (like, registering such
> trademarks or domains) ?
It's never come
On Monday, December 19, 2016 at 2:45:16 AM UTC+1, Richard Wang wrote:
> I wish everyone can talk about this case friendly and equally.
I'm sorry about the wosing-bashing that followed. It wasn't my intention.
> We know Let's Encrypt is released after the public announcement, but two day
>
People here tend to bash WoSign/StartCom the whole time and make them guilty
for nearly everthing, including the Lindbergh Kidnapping. I also do think
people are actively searching for anything they can blame, and ignore/tolerate
incidents of other CAs.
Am Freitag, 16. Dezember 2016 19:18:27
在 2016年12月20日星期二 UTC+8下午8:21:33,Tom写道:
> According to The Uniform Domain-Name Dispute-Resolution Policy,
> letsencrypt.cn seem use in bad faith.
>
> On December 20, 2016 2:45:47 PM GMT+08:00, "谭晓生" wrote:
> >It is ICP license you talked about, you can find some information
According to The Uniform Domain-Name Dispute-Resolution Policy, letsencrypt.cn
seem use in bad faith.
On December 20, 2016 2:45:47 PM GMT+08:00, "谭晓生" wrote:
>It is ICP license you talked about, you can find some information here:
December 19, 2016 12:36 PM
> To: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: Re: wosign and letsencrypt.cn / letsencrypt.com.cn
>
> We had some trouble figuring out how to purchase a Chinese domain name before
> we launched, so we didn't purchase it then. We've never talke
and letsencrypt.cn / letsencrypt.com.cn
We had some trouble figuring out how to purchase a Chinese domain name before
we launched, so we didn't purchase it then. We've never talked to wosign about
this before, and we haven't seen the domain used for anything confusing so
far. This is our first
half Of tdel...@gmail.com
> Sent: Saturday, December 17, 2016 1:34 AM
> To: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: wosign and letsencrypt.cn / letsencrypt.com.cn
>
> It seams that wosign has registered the domains letsencrypt.cn and
> letsencrypt.com.cn in 2014 af
On Sunday, December 18, 2016 at 5:45:16 PM UTC-8, Richard Wang wrote:
> We know Let's Encrypt is released after the public announcement, but two day
> later, its .cn domain is still not registered, I think maybe it is caused by
> the strict registration rule in China, so I registered it for
Well, at least it seems that they're not (ab)using it for now.
```
$ dig letsencrypt.cn
; <<>> DiG 9.11.0-P1 <<>> letsencrypt.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63776
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
在 2016年12月19日星期一 UTC+8下午12:36:10,jo...@letsencrypt.org写道:
> We had some trouble figuring out how to purchase a Chinese domain name before
> we launched, so we didn't purchase it then. We've never talked to wosign
> about this before, and we haven't seen the domain used for anything confusing
>
We had some trouble figuring out how to purchase a Chinese domain name before
we launched, so we didn't purchase it then. We've never talked to wosign about
this before, and we haven't seen the domain used for anything confusing so far.
This is our first interaction about it and we're happy to
[mailto:dev-security-policy-bounces+richard=wosign@lists.mozilla.org] On
Behalf Of tdel...@gmail.com
Sent: Saturday, December 17, 2016 1:34 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: wosign and letsencrypt.cn / letsencrypt.com.cn
It seams that wosign has registered the domains
Well, based on the previous deception of WoSign before, during and after
Mozilla's investigation, I'm not remotely surprised to see this.
On Friday, December 16, 2016 at 10:18:27 AM UTC-8, tde...@gmail.com wrote:
> It seams that wosign has registered the domains letsencrypt.cn and
>
It seams that wosign has registered the domains letsencrypt.cn and
letsencrypt.com.cn in 2014 after the public announce of Let's Encrypt :
whois letsencrypt.cn
Domain Name: letsencrypt.cn
ROID: 20141120s10001s72911711-cn
Domain Status: clientTransferProhibited
Registrant ID: k35-n2041486_00
18 matches
Mail list logo