Hi All,
Yesterday I found a new false issued certificate for defence.external.int. It
looks like the
problems with Comodo are still not solved. Isn't it?
The certificate below has been issued by Comodo just a few days ago on the
domain external.int which
hasn't been registered.
I'm surprised
As requested during the review of autoconfig, I would like to pose the
fetch ISP part of the feature for security review.
I didn't know back then that I had to schedule the meeting myself, so I
waited indefinitely for it to be scheduled. So, I now set the time to
tomorrow, 2009-11-05, 10AM
* Reed Loden:
On Wed, 04 Nov 2009 20:19:48 +0100
Florian Weimer f...@deneb.enyo.de wrote:
* Paul van Brouwershaven:
Yesterday I found a new false issued certificate for
defence.external.int. It looks like the problems with Comodo are
still not solved. Isn't it?
Why do you think the
On 11/04/2009 09:31 PM, Florian Weimer:
Does the CPS really say that? Where?
If you don't mind, the Mozilla CA Policy requires under section 7:
/for a certificate to be used for SSL-enabled servers, the CA takes
reasonable measures to verify that the entity submitting the
Florian Weimer schreef:
By the way, how did you obtain a copy of the certificate?
They certificate owner wanted a same certificate from an other CA because this
certificate has very
limited browser compatibility. (read supprot for mobile devices etc)
No other CA could deliver this certificate
On 04/11/2009 20:43, Paul van Brouwershaven wrote:
Florian Weimer schreef:
By the way, how did you obtain a copy of the certificate?
They certificate owner wanted a same certificate from an other CA because this
certificate has very
limited browser compatibility. (read supprot for mobile
Ian G schreef:
OK, so it's good to figure out all the facts before we jump to conclusions.
How do you mean?
Why does the client want this certificate? What is the use case here?
This client uses .int for an internal domain, but this does not changes the
case. The certificate
should not be
In article 4af1d712.2070...@startcom.org, Eddy Nigg
eddy_n...@startcom.org wrote:
I'm again not seeing the original posting, why doesn't it come through?
I see only your replies. Something with the mail - news gateway is
broken :S
Giganews says the original message got nailed as a binary
On 11/04/2009 11:13 PM, Dave Miller:
Giganews says the original message got nailed as a binary post because
of the included base64-encoded SSL certificate.
Specially on these news groups this can happen from time to time. Is
this something which can be fixed?
--
Regards
Signer: Eddy
I've found several certificate authorities that issue certificates for
internal domains, including Comodo, VeriSign, and completessl.com.
Adam Barth and I filed a bug on this issue in 2007. These
certificates are easy to acquire, but I don't see how they're less
secure than HTTP, so we've been
Collin Jackson schreef:
I've found several certificate authorities that issue certificates for
internal domains, including Comodo, VeriSign, and completessl.com.
Adam Barth and I filed a bug on this issue in 2007. These
certificates are easy to acquire, but I don't see how they're less
secure
On 11/04/2009 11:32 PM, Collin Jackson:
I've found several certificate authorities that issue certificates for
internal domains, including Comodo, VeriSign, and completessl.com.
Adam Barth and I filed a bug on this issue in 2007. These
certificates are easy to acquire, but I don't see how
Do you know what web site the client used to register it originally?
If you register a certificate with a . in it, Comodo's instantssl.com
store usually sends a domain validation email (to
ad...@external.int, administra...@external.int, etc.). In this case,
I would think the email would never
In article kbednvccenx9c2zxnz2dnuvz_g1i4...@mozilla.org, Eddy Nigg
eddy_n...@startcom.org wrote:
On 11/04/2009 11:13 PM, Dave Miller:
Giganews says the original message got nailed as a binary post because
of the included base64-encoded SSL certificate.
Specially on these news
On 04.11.2009 20:31, Florian Weimer wrote:
* Reed Loden:
$ whois -h whois.iana.org external.int
Domain external.int not found.
SSL certificates shouldn't be issued to domains that don't exist. ;)
Does the CPS really say that? Where?
SSL certs should be issued only to the
15 matches
Mail list logo