On Friday, August 4, 2017 at 12:01:15 AM UTC-7, Percy wrote:
> I suggest that Mozilla can post an announcement now about the complete
> removal of WoSign/StartCom to alert website developers. I suspect that a
> moderate amount of Chinese websites are still using WoSign certs chained to
> the old
Dimitris,
I think it is not accurate to characterize this as being outside of the CAs
controls. Several CAs utilize multiple network perspectives and consensus to
mitigate these risks. While this is not a total solution it is fairly effective
if the consensus pool is well thought out.
Ryan
On
2 matches
Mail list logo
