Re: Regarding CA requirements as to technical infrastructure utilized in automated domain validations, etc. (if any)

On Monday, July 24, 2017 at 5:31:33 AM UTC-7, Jakob Bohm wrote: > On 22/07/2017 02:38, birge...@princeton.edu wrote: > > On Friday, July 21, 2017 at 5:06:42 PM UTC-5, Matthew Hardeman wrote: > >> It seems that a group of Princeton researchers just presented a live > >> theoretical* misissuance by

Re: Regarding CA requirements as to technical infrastructure utilized in automated domain validations, etc. (if any)

On Friday, July 21, 2017 at 5:06:42 PM UTC-5, Matthew Hardeman wrote: > It seems that a group of Princeton researchers just presented a live > theoretical* misissuance by Let's Encrypt. > > They did a sub-prefix hijack via a technique other than those I described > here and achieved issuance whi