On 11/14/17 4:34 AM, douglas.beat...@gmail.com wrote:
Do we believe that this issue has been resolved by the Registry and issuance an resume as normal, or are there ongoing concerns which CAs should be aware of when issuing certificates to .tg domains?
Based on information from folks that are monitoring their NS Records, we believe that the .tg Registry problems were fixed on November 1, and have remained fixed since then.
I have not looked into how Registries are operated and maintained, so here is my personal (uneducated) opinion: I think it is possible that the .tg Registry could be compromised again. I have no idea if all of the newer Registries are using good network and security protocols, infrastructure, etc.
I think that we will need to have much deeper investigation and discussions about Registries, so I have added this to my to-do list, but I will not be able to get to it until January.
Thanks, Kathleen _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
