Matt,
Our investigation reopened at March 9, 9:36 AM based on the information you
provided in this forum. We were able to research and run appropriate testing
which led to evidence of key compromise being determined March 9, 10:24 AM. We
continued our diligence in accordance with the Baseline
Matt,
Thank you for sharing your experience with our problem reporting mechanism on
this forum. It is due to this that we were able to get to the root of the
issue. Here is some detail into what we saw.
Yesterday, we launched an investigation which included various members of the
team
I agree on the surface this bug appears to be the same, but the root cause is a
different. The issue for bug 1462844 was a specific status not counting as
active when it was. To mitigate this issue, we updated the query to include the
missing status. However, we are in the process of
GoDaddy received a certificate problem report on 1/29/2019 for 2 unrevoked
unexpired certificates have underscores in the DNS name that did not meet the
January 15th deadline for revocation. The certificates reported are as follows:
https://crt.sh/?opt=zlint=626981823
Questions about blank sections, thinking of a potential future requirement.
Sections such as 1.INTRODUCTION would remain blank as they are more titles than
components, correct?
If no sections are allowed to be blank does this include both levels of
components such as 1.4 and 1.4.1?
Also,
On Thursday, October 18, 2018 at 5:47:14 PM UTC-7, Jakob Bohm wrote:
> On 15/10/2018 20:01, Kathleen Wilson wrote:
> > I have added the following section to the Required Practices wiki page:
> >
> >
On Monday, October 15, 2018 at 11:23:05 AM UTC-7, Kathleen Wilson wrote:
> On 10/15/18 11:01 AM, Kathleen Wilson wrote:
> > I have added the following section to the Required Practices wiki page:
> >
> >
On Friday, July 20, 2018 at 9:39:04 PM UTC-7, Peter Bowen wrote:
> On Fri, Jul 20, 2018 at 6:39 PM Daymion Reynolds via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > The certificates were identified by analyzing results from both zlint and
> > certlint. We also
In light of the limited visibility of WHOIS, Wayne's suggestion of "... allow
anyone to revoke by proving that they control the domain name using one of the
BR 3.2.2.4 methods" is preferable as it is a bit more encompassing rather than
restricting to to same validation process. This also
9 matches
Mail list logo