Myroslav Opyr added the comment: Ah indeed, that Alternative name thing. Yes, this is not desirable side effect. It would be worth mentioning to StartSSL people as they are quite security savvy and such "escalation of privileges" should not be a side-effect of their free certificates.
On Mon, Sep 30, 2013 at 3:53 PM, Martin v. Löwis < metatrac...@psf.upfronthosting.co.za> wrote: > > Martin v. Löwis added the comment: > > techtonik specifically asked for FreeSSL, so I still wonder what that is. > > I'm familiar with StartSSL, and the PSF infrastructure group indeed does > have access to such certificates. The problem with the StartSSL certificate > is that it has "python.org" as a subject alternative name, which is > undesired due to the threat that arises from it if somebody breaks into > bugs.python.org. > > _______________________________________________________ > PSF Meta Tracker <metatrac...@psf.upfronthosting.co.za> > <http://psf.upfronthosting.co.za/roundup/meta/issue527> > _______________________________________________________ > _______________________________________________________ PSF Meta Tracker <metatrac...@psf.upfronthosting.co.za> <http://psf.upfronthosting.co.za/roundup/meta/issue527> _______________________________________________________ _______________________________________________ Tracker-discuss mailing list Tracker-discuss@python.org https://mail.python.org/mailman/listinfo/tracker-discuss
