Re: Symantec Response E

2017-04-10 Thread Ryan Sleevi via dev-security-policy
Hi Steve, Quick questions: 1) To confirm, your response states nothing about any improved procedures or testing put into place regarding this. a) Can you describe what, if anything, Symantec did, beside "fix the bug"? b) What assurances should the community have regarding Symantec's

Symantec Response E

2017-04-10 Thread Steve Medin via dev-security-policy
Issue E: Domain Validation Vulnerability (October 2015) With respect to Issue E, Symantec has no additional comments regarding the perspective outlined in the summary. Please see