Re: Regarding CA requirements as to technical infrastructure utilized in automated domain validations, etc. (if any)

2017-07-22 Thread birgelee--- via dev-security-policy
On Friday, July 21, 2017 at 5:06:42 PM UTC-5, Matthew Hardeman wrote: > It seems that a group of Princeton researchers just presented a live > theoretical* misissuance by Let's Encrypt. > > They did a sub-prefix hijack via a technique other than those I described > here and achieved issuance

Re: Miss-issuance: URI in dNSName SAN

2017-07-22 Thread ramirommunoz--- via dev-security-policy
El jueves, 20 de julio de 2017, 16:49:15 (UTC+2), Gervase Markham escribió: > On 19/07/17 14:53, Alex Gaynor wrote: > > I'd like to report the following instance of miss-issuance: > > Thank you. Again, I have drawn this message to the attention of the CAs > concerned (Government of Venezuela and

Re: Certigna Root Renewal Request

2017-07-22 Thread josselin.allemandou--- via dev-security-policy
The ticket is open since 3 months. This seems to be correct for everyone. Is it possible to close it now ? ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy

Re: Miss-issuance: URI in dNSName SAN

2017-07-22 Thread Ryan Sleevi via dev-security-policy
On Fri, Jul 21, 2017 at 4:04 AM ramirommunoz--- via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > El jueves, 20 de julio de 2017, 16:49:15 (UTC+2), Gervase Markham > escribió: > > On 19/07/17 14:53, Alex Gaynor wrote: > > > I'd like to report the following instance of