Re: NAVER: Public Discussion of Root Inclusion Request

Minor but it seems like all certificates with a stateOrProvinceName field are misissued. The ST field should probably be the "Gyeonggi-do" as the "Seongnam-si" entered is a city. ‐‐‐ Original Message ‐‐‐ On Friday, 9 October 2020 23:09, Ben Wilson via dev-security-policy wrote: >

Clear definition of a "locality"

I sent a problem report to rev...@digicert.com regarding the locality field in: https://crt.sh/?q=12EC8C05667173603367E8F93B7FDCA7EC60F9838EF3B72A4483BAF48DE48F4B Jeremy Rowley replied stating that he believed the locality was correct as there was no clear definition of a locality, can we get a

Re: Intermediate common name ambiguous naming

Definitely seems better for this issue, more identifiable to the user and Firefox already does this for the padlock icon menu. ‐‐‐ Original Message ‐‐‐ On Sunday, 20 December 2020 17:04, Matthew Thompson via dev-security-policy wrote: > It's not ideal that Google Chrome now states

Re: Apple OCSP Responder Issues Yesterday (2020-11-12)

I agree, from what I have seen online is that while Apple's OCSP responser was indeed soft-fail, it didn't have any short-term timeout so requests were left lingering. Due to it being soft-fail I've seen numerous posts detailing how to block the OCSP responder address either via DNS or via the