Browsers by default just ignore any OCSP error. So while the browser
might have seen an error getting the OCSP reply, the user is not aware
of it.
And why Browsers do ignore OCSP errors? Because some CA don't take OCSP
errors seriously.
So yes, it has an impact: it comfort Browsers in that
> The party actually running the authoritative DNS servers is in
control of the domain.
I'm not sure I agree. They can control the domain, but they are supposed
to be subordinate of the domain owner. If they did something without the
owner consent/approval, it really looks like a domain
Following the discussion on
https://community.letsencrypt.org/t/non-logging-of-final-certificates/58394
What is the position of Mozilla about the submission to ct-logs of the
final certificate when there is already a pre-certificate?
As it helps discover bugs (
Hi Gerv,
> It's never come up. But I think we would be reluctant to intervene;
Thank you for that answer. I understand it.
> there are other mechanisms for sorting out such disputes, and it's not
> our job to interpret or enforce trademark law or domain name dispute
> resolution law.
There are
4 matches
Mail list logo
