On Tue, Apr 24, 2018 at 11:03 PM, cbonnell--- via dev-security-policy
<dev-security-policy@lists.mozilla.org> wrote:
> On Tuesday, April 24, 2018 at 4:33:24 PM UTC-4, Henri Sivonen wrote:
>> On Tue, Apr 24, 2018 at 10:18 PM, Jeremy Rowley via
>> dev-security-policy
On Tue, Apr 24, 2018 at 10:32 PM, Henri Sivonen <hsivo...@hsivonen.fi> wrote:
> On Tue, Apr 24, 2018 at 10:18 PM, Jeremy Rowley via
> dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:
>> That is correct. We use transliteration of non-latin names throug
On Sun, Apr 15, 2018 at 6:47 PM, Ryan Sleevi <r...@sleevi.com> wrote:
>
> On Sun, Apr 15, 2018 at 9:13 AM Henri Sivonen via dev-security-policy
> <dev-security-policy@lists.mozilla.org> wrote:
>>
>> (Mozilla hat off.)
>>
>> After reading about the C
field of the cert for
https://www.alandsbanken.fi/ .
[1] https://www.saastopankki.fi/ is the primary address to which
http://säästöpankki.fi/ (but not https!) redirects. Web site operators
in Finland generally prefer interoperability with non-IDN-cabable
usage over correct spelling.
--
Henr
to belong to. However, I hear
that a link to this post was distributed to e-residents in a manner
that suggests that this blog actually belongs to whom it claims to
belong.
--
Henri Sivonen
hsivo...@hsivonen.fi
https://hsivonen.fi/
___
dev-security-policy
e have been a number of Firefox ESR security
patch releases that post-date the SeaMonkey release. Is SeaMonkey still
active, despite appearing not to ship Gecko security updates, and does
SeaMonkey implement the same trust special-casing as Firefox? It seems to
produce nightlies still.)
ts.
A wildcard cert solves this, and the solution should be broadly
available (not just to those who pay for OV).
--
Henri Sivonen
hsivo...@hsivonen.fi
https://hsivonen.fi/
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https:/
have any questions,
> thanks.
In the table on page 13, line 6 looks different from the others.
Should that line be in the table on page 14 instead?
--
Henri Sivonen
hsivo...@hsivonen.fi
https://hsivonen.fi/
___
dev-security-policy mailing lis
cord said otherwise, could they issue then?
I'd expect issuance not to be allowed in that case (at least if the
CAA record is still there after clearing DNS caches). Surely a
legitimate CTO should have the means to have the CAA record adjusted
(even if a CTO couldn't change a mistakenly long previousl
and all hell
will break lose).
Is there anything that can be done to help avoid all hell breaking loose here?
--
Henri Sivonen
hsivo...@hsivonen.fi
https://hsivonen.fi/
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https
have the new indicator to fix their act to get
the new indicator.
--
Henri Sivonen
hsivo...@hsivonen.fi
https://hsivonen.fi/
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
to run a globally-trusted CA but
has not found out about the Baseline Requirements before applying
seems pretty scary.
--
Henri Sivonen
hsivo...@hsivonen.fi
https://hsivonen.fi/
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
12 matches
Mail list logo