On Tue, Dec 18, 2018 at 7:41 AM Rob Stradling <r...@sectigo.com> wrote:
> On 14/12/2018 21:06, Wayne Thayer via dev-security-policy wrote: > <snip> > > I think it;s worth calling out that Let's Encrypt has implemented what > > appears to be a relatively simple mitigation: > > > https://community.letsencrypt.org/t/edns-buffer-size-changing-to-512-bytes/77945 > > Sectigo implemented this same mitigation about a month ago. > Like Let's Encrypt, is there any data Sectigo can share regarding the impact it has had on operations? Or has it been so negligible as to not notice? It's rather encouraging to hear another CA has deployed this, seemingly successfully, and having data that shows the impact helps make informed decisions about whether attempting to mandate through policy - whether Mozilla or the CA/Browser Forum - would have any negative effects, given the positive effects it seems to have. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy