subject:"Potential problem with ACME TLS\-SNI\-01 validation"

Re: Potential problem with ACME TLS-SNI-01 validation

2018-01-10 Thread Gervase Markham via dev-security-policy

On 10/01/18 02:26, j...@letsencrypt.org wrote:
> We've received a credible report of a problem with ACME TLS-SNI-01 validation 
> which could allow people to get certificates they should not be able to get. 
> While we investigate further we have disabled tls-sni-01 validation.
> 
> We'll post more information soon.

https://community.letsencrypt.org/t/2018-01-09-issue-with-tls-sni-01-and-shared-hosting-infrastructure/49996

Gerv
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Potential problem with ACME TLS-SNI-01 validation

2018-01-09 Thread josh--- via dev-security-policy

We've received a credible report of a problem with ACME TLS-SNI-01 validation 
which could allow people to get certificates they should not be able to get. 
While we investigate further we have disabled tls-sni-01 validation.

We'll post more information soon.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Potential problem with ACME TLS-SNI-01 validation

Potential problem with ACME TLS-SNI-01 validation

2 matches

Site Navigation

Mail list logo

Footer information