On 25/10/17 12:15, Kai Engert wrote:
> Will these changes be implemented in the ESR 59.x releases, which will
> be released in parallel to the above releases?
That's a really good question.
I am told that the code implementing the console warning is going to be
there before ESR branches, so we sh
I don't like erratum 5097. It just deletes the mention of DNAME, which can
easily be misinterpreted as not permitting DNAME following for CAA (or even
worse, allows DNAME to be handled however you want). Erratum 5097 also has not
been approved by IETF (and shouldn't be, for this reason).
The
On Wednesday, October 25, 2017 at 1:34:03 PM UTC-7, Jeremy Rowley wrote:
> Some initial thoughts
> 1. I'm a bit confused by bullet #2 in the survey. Wasn't it already the
> Mozilla policy that CAs could only use the blessed 10 methods of validation?
> I thought this was communicated in the previous
On Wednesday, October 25, 2017 at 2:05:33 PM UTC-7, Andrew Ayer wrote:
> Hi Kathleen,
>
> I suggest being explicit about which CAA errata Mozilla allows.
>
> For CNAME, it's erratum 5065.
>
> For DNAME, it's erratum 5097.
>
> Link to errata: https://www.rfc-editor.org/errata_search.php?rfc=6844
4 matches
Mail list logo