On 26/07/2018 23:04, Matthew Hardeman wrote:
On Thu, Jul 26, 2018 at 2:23 PM, Tom Delmas via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
The party actually running the authoritative DNS servers is in control
of the domain.
I'm not sure I agree. They can control the d
On Thu, Jul 26, 2018 at 2:23 PM, Tom Delmas via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
>
> > The party actually running the authoritative DNS servers is in control
> of the domain.
>
> I'm not sure I agree. They can control the domain, but they are supposed
> to be sub
I came across this from the OP's article posted on GitHub, apologies for
posting so much later than the original discussion. I just wanted to throw in
my 2 cents, real use case. A webapp I develop(ed) for my company has been using
DYMO's developer setup and the web service that's installed with
> The party actually running the authoritative DNS servers is in
control of the domain.
I'm not sure I agree. They can control the domain, but they are supposed
to be subordinate of the domain owner. If they did something without the
owner consent/approval, it really looks like a domain hij
I think the whole point of domain validation certificates is taking the
human part out of it and verifying technical control of the domain as the
standard upon which to base issuance.
Since the CA is also the DNS server, it's more or less a given that they
certainly can or would successfully valid
On Wed, Jul 25, 2018 at 2:08 PM Joanna Fox via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Friday, July 20, 2018 at 9:39:04 PM UTC-7, Peter Bowen wrote:
> > > *Total of 17 certificates issued in 2018 were revoked due to invalid
> > > extended ascii characters. CertLin
On Wednesday, 25 July 2018 21:08:59 UTC, michel.le...@gmail.com wrote:
> Hello,
>
> My domain registrar who is also a certificate authority just issued a
> precertificate (visible in CT logs) and a valid
> certificate for my domain. This is part of their new offer to automatically
> offer free c
W dniu 25.07.2018 o 23:21, Quirin Scheitle via dev-security-policy pisze:
Hi Michel,
On 23. Jul 2018, at 22:36, michel.lebihan2000--- via dev-security-policy
wrote:
I think my domain registrar just violated my CAA by issuing that
certificate. Where they allowed to issue this certificate?
t
8 matches
Mail list logo