On Sunday, December 18, 2016 at 5:45:16 PM UTC-8, Richard Wang wrote: > We know Let's Encrypt is released after the public announcement, but two day > later, its .cn domain is still not registered, I think maybe it is caused by > the strict registration rule in China, so I registered it for protection that > not registered by Cornbug.
I found it really hard to comprehend why you believe you should be registering a domain name, "for protection", that belongs to another brand, especially where there is definitely conflict of interests involved. > We don’t use those domains for any WoSign's services Until a few days ago, letsencrypt.cn points to a Microsoft/21vianet Azure China server 211.151.125.110 [1][2]. A reverse lookup on this IP [3] yields hostnames implying services of WoSign (pkiclick.net, wosigncode.net, etc.). As of the time of this email, DNS lookup of this domain name yields NXDOMAIN, which means WoSign has made the effort to remove the record. Why bother to add the DNS record in the first place then? [1] http://whois.domaintools.com/letsencrypt.cn [2] http://viewdns.info/iphistory/?domain=letsencrypt.cn [3] http://bgp.he.net/ip/211.151.125.110#_dns _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy