On Sat, Mar 07, 2020 at 09:07:11AM -0500, Ryan Sleevi wrote:
> Thanks. I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1620772
I'll give points to SSL.com for a speedy initial response, but I'm a bit
disconcerted about this:
> The fingerpint of the claimed Debian weak key was not included
On Saturday, March 7, 2020 at 8:24:57 AM UTC-6, Ryan Sleevi wrote:
> On Fri, Mar 6, 2020 at 9:03 PM jwardcpa--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > Great follow on questions Ryan. As far as the detailed report, whether
> > the end product is in the
On Fri, Mar 6, 2020 at 9:03 PM jwardcpa--- via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Great follow on questions Ryan. As far as the detailed report, whether
> the end product is in the current form, or in the detailed version, the
> lead auditor is taking full
On Fri, Mar 6, 2020 at 10:05 PM Matt Palmer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Therefore, the question I'm asking is: should Mozilla (aka the community
> and
> CA module owner and peers) make a policy decision to treat certificates
> issued with a known
Thanks. I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1620772
On Fri, Mar 6, 2020 at 9:48 PM Matt Palmer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> (Pre) Certificate https://crt.sh/?id=2531502044 has been issued with a
> known
> weak key, specifically
5 matches
Mail list logo