On Thursday, January 12, 2017 at 7:38:47 PM UTC-5, Itzhak Daniel wrote:
> Why not posting _ALL_ certificates issues via that method to CT log?
We had to nag and whine for a year to get IXSystems and FreeNAS folks to
finally, begrudgingly use TLS (for Download of ISOs and SHA256 no less!). The
'V
On 18/01/17 15:31, Kurt Roeckx wrote:
> And I would like to see that as a requirement in the audit report,
> which CA are actually checked.
https://github.com/mozilla/pkipolicy/issues/50 .
Gerv
___
dev-security-policy mailing list
dev-security-policy@li
On 19/01/2017 01:33, [email protected] wrote:
On Thursday, January 12, 2017 at 7:38:47 PM UTC-5, Itzhak Daniel wrote:
Why not posting _ALL_ certificates issues via that method to CT log?
We had to nag and whine for a year to get IXSystems and FreeNAS folks to
finally, begrudgingly use
I. Misissued certificates for example.com
On 2016-07-14, Symantec misissued the following certificates for example.com:
https://crt.sh/?sha256=A8F14F52CC1282D7153A13316E7DA39E6AE37B1A10C16288B9024A9B9DC3C4C6
https://crt.sh/?sha256=8B5956C57FDCF720B6907A4B1BC8CA2E46CD90EAD5C061A4
On Thursday, 19 January 2017 20:20:24 UTC, Jakob Bohm wrote:
> Google's CT initiative in its current form has serious privacy problems
> for genuine certificate holders. I applaud any well-run CA that stands
> up to this attack on the Internet at large.
I notice that you have not specifically id
Andrew, thank you for your efforts to report this issue. We are
investigating and will report our resolution, cause analysis, and corrective
actions once complete.
Kind regards,
Steven Medin
PKI Policy Manager, Symantec Corporation
> -Original Message-
> From: dev-security-policy [mailto:
On 20/01/2017 00:35, Nick Lamb wrote:
On Thursday, 19 January 2017 20:20:24 UTC, Jakob Bohm wrote:
Google's CT initiative in its current form has serious privacy problems
for genuine certificate holders. I applaud any well-run CA that stands
up to this attack on the Internet at large.
I noti
7 matches
Mail list logo
