Re: Wildcard cert, no intermediate

2014-09-01 Thread Rob Stradling
gmail.com *Sent:* Tuesday, August 26, 2014 9:10 AM *To:* ryan-mozdevsecpol...@sleevi.com *Cc:* mozilla-dev-security-pol...@lists.mozilla.org; Peter Bowen *Subject:* Re: Wildcard cert, no intermediate In your rush to judgment you arrived at the wrong conclusions, Ryan. No problem, though, as I'll

Re: Wildcard cert, no intermediate

2014-08-26 Thread Kathleen Wilson
On 8/20/14, 2:03 PM, Peter Bowen wrote: On Wed, Aug 20, 2014 at 1:55 PM, wrote: I've encountered a wildcard end-entity certificate on a live server that chains directly to the root cert. There is no intermediate certificate and the root is in the Mozilla trust store. I assume this is a frow

Re: Wildcard cert, no intermediate

2014-08-26 Thread Ryan Sleevi
On Tue, August 26, 2014 8:09 am, fhw...@gmail.com wrote: > In your rush to judgment you arrived at the wrong conclusions, Ryan. No, I really just disagree with you. > No > problem, though, as I'll recap my points in a bit. But first: > The cert in question has as its root the utn-userfirst-har

Re: Wildcard cert, no intermediate

2014-08-26 Thread fhw843
9:10 AM To: ryan-mozdevsecpol...@sleevi.com Cc: mozilla-dev-security-pol...@lists.mozilla.org; Peter Bowen Subject: Re: Wildcard cert, no intermediate In your rush to judgment you arrived at the wrong conclusions, Ryan. No problem, though, as I'll recap my points in a bit. But first:

RE: Wildcard cert, no intermediate

2014-08-26 Thread Jeremy Rowley
Of fhw...@gmail.com Sent: Tuesday, August 26, 2014 9:10 AM To: ryan-mozdevsecpol...@sleevi.com Cc: mozilla-dev-security-pol...@lists.mozilla.org; Peter Bowen Subject: Re: Wildcard cert, no intermediate In your rush to judgment you arrived at the wrong conclusions, Ryan. No problem, though, as

Re: Wildcard cert, no intermediate

2014-08-26 Thread fhw843
In your rush to judgment you arrived at the wrong conclusions, Ryan. No problem, though, as I'll recap my points in a bit. But first: The cert in question has as its root the utn-userfirst-hardware certificate. That appears to be a 2048-bit cert. If the wildcard cert should not have been issued dire

Re: Wildcard cert, no intermediate

2014-08-20 Thread Ryan Sleevi
On Wed, August 20, 2014 3:18 pm, fhw...@gmail.com wrote: > Hmmm... > > I'll just assume that all the "prior to Effective Date" conditions are > satisfied but both the end and root certs are 2048-bit. I can't speak to > how actively or widely used the cert is nor how costly it would be to > rep

RE: Wildcard cert, no intermediate

2014-08-20 Thread Jeremy Rowley
Of fhw...@gmail.com Sent: Wednesday, August 20, 2014 4:19 PM To: Peter Bowen Cc: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: Wildcard cert, no intermediate Hmmm... I'll just assume that all the "prior to Effective Date" conditions are satisfied but both the end and

Re: Wildcard cert, no intermediate

2014-08-20 Thread fhw843
Hmmm... I'll just assume that all the "prior to Effective Date" conditions are satisfied but both the end and root certs are 2048-bit. I can't speak to how actively or widely used the cert is nor how costly it would be to replace other than to say I've seen it on a half dozen different hosts.

Re: Wildcard cert, no intermediate

2014-08-20 Thread Peter Bowen
On Wed, Aug 20, 2014 at 1:55 PM, wrote: > I've encountered a wildcard end-entity certificate on a live server that > chains directly to the root cert. There is no intermediate certificate and > the root is in the Mozilla trust store. > > I assume this is a frowned upon practice that will be sto