On Mon, 8 Feb 2021 13:40:05 -0500
Andrew Ayer via dev-security-policy
wrote:
> The BRs permit CAs to bypass CAA checking for a domain if "the CA or
> an Affiliate of the CA is the DNS Operator (as defined in RFC 7719)
> of the domain's DNS."
Hmm. Would this exemption be less dangerous for a CA
All,
GlobalSign has provided a very detailed incident report in Bugzilla - see
https://bugzilla.mozilla.org/show_bug.cgi?id=1690807#c2.
There are a few remaining questions that still need to be answered, so this
email is just to keep you aware.
Hopefully later this week I'll be able to come back
2 matches
Mail list logo