Mozilla's April 15 deadline for disclosure of email intermediates that are
not technically constrained has now passed. I have created the following
bugs for the certificates listed at https://crt.sh/mozilla-disclos
ures#undisclosed
* Firmaprofesional:
On 18/4/2018 9:50 μμ, Wayne Thayer via dev-security-policy wrote:
On Wed, Apr 18, 2018 at 12:14 AM, Dimitris Zacharopoulos via
dev-security-policy wrote:
On 18/4/2018 12:04 πμ, Jeremy Rowley via dev-security-policy wrote:
Having to go through
On Wed, Apr 18, 2018 at 2:50 PM, Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Wed, Apr 18, 2018 at 12:14 AM, Dimitris Zacharopoulos via
> dev-security-policy wrote:
>
> > On 18/4/2018 12:04 πμ, Jeremy Rowley via
On Tue, Apr 17, 2018 at 9:21 PM, Jeremy Rowley via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> There is a way to get zero-validation certs, totally legit, under the BRs.
> Currently, the BRs permit pretty much free delegation of Registration
> Authorities for everything
On Wed, Apr 18, 2018 at 3:14 AM, Dimitris Zacharopoulos via
dev-security-policy wrote:
> Mail servers receive tons of SPAM everyday and an email address target is
> a very easy target for popular CAs. We should also consider the possibility
> of accidental
On 18/4/2018 12:04 πμ, Jeremy Rowley via dev-security-policy wrote:
Having to go through captchas to even get the email sent is just another
obstacle in getting the CA a timely certificate problem report
Nowadays, people deal with captchas all the time in various popular web
sites. I don't
6 matches
Mail list logo