Re: CA Program for security researchers

2018-02-22 Thread Jakob Bohm via dev-security-policy
On 22/02/2018 23:27, James Burton wrote: It doesn't take that long for CAs to do vetting checks for OV and EV certificates when everything is handed to them on a plate. Breaking CAs' vetting procedures is not too hard. In principle, the vetting procedures are what customers pay for and

Re: CA Program for security researchers

2018-02-22 Thread James Burton via dev-security-policy
It doesn't take that long for CAs to do vetting checks for OV and EV certificates when everything is handed to them on a plate. Breaking CAs' vetting procedures is not too hard. The key here is that security research shouldn't cost the researcher thousands to prove a valid point. They should be

Re: CA Program for security researchers

2018-02-22 Thread Jakob Bohm via dev-security-policy
On 22/02/2018 22:17, James Burton wrote: There needs to be a program that helps security researchers like myself get free or low cost certificates for research purposes. That EV research I did a while ago nearly set me back personally $4,297. James I think there are three main cases and an

Re: CA Program for security researchers

2018-02-22 Thread James Burton via dev-security-policy
I didn't put this in the article because it's not relevant as an attacker wouldn't care nonetheless. James On Thu, Feb 22, 2018 at 9:29 PM, James Burton wrote: > They tried charging the card the amount the day after the certificate was > issued but the bank fraud department

Re: CA Program for security researchers

2018-02-22 Thread James Burton via dev-security-policy
They tried charging the card the amount the day after the certificate was issued but the bank fraud department called me about the transaction and I refused it because it was invalid as it was within the trial period and it was clearly stipulated that I was only going to get charged after the 30

CA Program for security researchers

2018-02-22 Thread James Burton via dev-security-policy
There needs to be a program that helps security researchers like myself get free or low cost certificates for research purposes. That EV research I did a while ago nearly set me back personally $4,297. James