On 10/01/18 02:26, j...@letsencrypt.org wrote: > We've received a credible report of a problem with ACME TLS-SNI-01 validation > which could allow people to get certificates they should not be able to get. > While we investigate further we have disabled tls-sni-01 validation. > > We'll post more information soon.
https://community.letsencrypt.org/t/2018-01-09-issue-with-tls-sni-01-and-shared-hosting-infrastructure/49996 Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy