On Sunday, September 25, 2016 at 6:14:06 PM UTC-7, Richard Wang wrote: > This rule is ok for more case, but for this case, it is wrong.
This rule is NEVER ok. Please re-read the BRs to understand why. > There is another bug that it means Comodo don't have the gTLD blocking system > that according to the BR, CA can't issue the gTLD domain to subscriber. The BRs do not say this. Please re-read the BRs to understand why. > This is a BR violated misissuance, I don't know if any more certificates are > mis-issued since it is a bug in the code that may affect other similar order. You are correct that this is potentially BR violating. However, the details of that remain to be determined. It would be useful if you allow the CA the opportunity to respond. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy