On Thursday, January 12, 2017 at 7:38:47 PM UTC-5, Itzhak Daniel wrote:
> Why not posting _ALL_ certificates issues via that method to CT log?
We had to nag and whine for a year to get IXSystems and FreeNAS folks to
finally, begrudgingly use TLS (for Download of ISOs and SHA256 no less!). The
On 18/01/17 15:31, Kurt Roeckx wrote:
> And I would like to see that as a requirement in the audit report,
> which CA are actually checked.
https://github.com/mozilla/pkipolicy/issues/50 .
Gerv
___
dev-security-policy mailing list
I. Misissued certificates for example.com
On 2016-07-14, Symantec misissued the following certificates for example.com:
https://crt.sh/?sha256=A8F14F52CC1282D7153A13316E7DA39E6AE37B1A10C16288B9024A9B9DC3C4C6
On 19/01/2017 01:33, montel.bahn...@gmail.com wrote:
On Thursday, January 12, 2017 at 7:38:47 PM UTC-5, Itzhak Daniel wrote:
Why not posting _ALL_ certificates issues via that method to CT log?
We had to nag and whine for a year to get IXSystems and FreeNAS folks to
finally, begrudgingly use
On Thursday, 19 January 2017 20:20:24 UTC, Jakob Bohm wrote:
> Google's CT initiative in its current form has serious privacy problems
> for genuine certificate holders. I applaud any well-run CA that stands
> up to this attack on the Internet at large.
I notice that you have not specifically
Andrew, thank you for your efforts to report this issue. We are
investigating and will report our resolution, cause analysis, and corrective
actions once complete.
Kind regards,
Steven Medin
PKI Policy Manager, Symantec Corporation
> -Original Message-
> From: dev-security-policy
On 20/01/2017 00:35, Nick Lamb wrote:
On Thursday, 19 January 2017 20:20:24 UTC, Jakob Bohm wrote:
Google's CT initiative in its current form has serious privacy problems
for genuine certificate holders. I applaud any well-run CA that stands
up to this attack on the Internet at large.
I
7 matches
Mail list logo