On Friday, July 21, 2017 at 12:39:54 PM UTC-7, Peter Bowen wrote:
> Steve,
>
> I think this level of public detail is very helpful when it comes to
> understanding the proposal.
>
> On Thu, Jul 20, 2017 at 8:00 AM, Steve Medin via dev-security-policy
> wrote:
> > 1) December 1, 2017 is the
On Friday, July 21, 2017 at 12:07:02 PM UTC-7, Alex Gaynor wrote:
> On Thu, Jul 20, 2017 at 11:00 AM, Steve Medin wrote:
>
> > 1) *December 1, 2017 is the earliest credible date that any RFP
> > respondent can provide the Managed CA solution proposed by Google, assuming
> > a start date of
It seems that a group of Princeton researchers just presented a live
theoretical* misissuance by Let's Encrypt.
They did a sub-prefix hijack via a technique other than those I described here
and achieved issuance while passing-through traffic for other destination
within the IP space of the
Just as a follow up, these two certificates (with
www.intesasanpaolovita..biz) were revoked on 19 July 2017. See
http://ca.intesasanpaolo.com/portalCais0/crl/servext2.crl.
-Original Message-
From: dev-security-policy
Steve,
I think this level of public detail is very helpful when it comes to
understanding the proposal.
On Thu, Jul 20, 2017 at 8:00 AM, Steve Medin via dev-security-policy
wrote:
> 1) December 1, 2017 is the earliest credible date that any RFP
>
On Thu, Jul 20, 2017 at 11:00 AM, Steve Medin
wrote:
> 1) *December 1, 2017 is the earliest credible date that any RFP
> respondent can provide the Managed CA solution proposed by Google, assuming
> a start date of August 1, 2017. Only one RFP respondent initially
On 20/07/17 15:24, Gervase Markham via dev-security-policy wrote:
On 12/07/17 21:18, Ben Wilson wrote:
For CAs with emailProtection and proper name constraints, where would such CAs
appear in https://crt.sh/mozilla-disclosures?
https://crt.sh/mozilla-disclosures#constrainedother? Or a new
On 21/07/17 07:00, Rick Andrews wrote:
> In light of all of these implications, we respectfully request that Mozilla,
> Google and the community consider the dates Symantec has proposed, which are
> the results of our earnest and extensive efforts to implement the spirit of
> the SubCA
On Thursday, July 20, 2017 at 12:31:56 PM UTC-7, Gervase Markham wrote:
> Hi Steve,
>
> Thanks for posting this. I appreciate the level of detail provided,
> which is useful in giving us a basis for discussion. It's a little
> regrettable, though, that it was published a couple of weeks after we
9 matches
Mail list logo