Percy <percyal...@gmail.com> writes: >On Tuesday, September 27, 2016 at 2:15:38 AM UTC-7, Gervase Markham wrote: >> Participants may be interested in this blog post from Tyro: >> https://tyro.com/blog/merchant-security-is-tyros-priority/ > >So this is almost proof that WoSign/StartCom has been intentionally back- >dating certificates to avoid blocks on SHA-1 issuance in browsers.
Did anyone keep a copy of that post? Looks like they took it down pretty quickly, possibly in response to the above. Peter. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy