Browsers by default just ignore any OCSP error. So while the browser
might have seen an error getting the OCSP reply, the user is not aware
of it.
And why Browsers do ignore OCSP errors? Because some CA don't take OCSP
errors seriously.
So yes, it has an impact: it comfort Browsers in that
> The party actually running the authoritative DNS servers is in
control of the domain.
I'm not sure I agree. They can control the domain, but they are supposed
to be subordinate of the domain owner. If they did something without the
owner consent/approval, it really looks like a domain
Following the discussion on
https://community.letsencrypt.org/t/non-logging-of-final-certificates/58394
What is the position of Mozilla about the submission to ct-logs of the
final certificate when there is already a pre-certificate?
As it helps discover bugs (
3 matches
Mail list logo