CAA effective now. 4/6 CAs in experiment good, but 2/6 (Comodo, StartCom) issued cert without checking DNS! Following up with support.
Please report your findings to the browser community, either https://groups.google.com/forum/#!forum/mozilla.dev.security.policy … or a Mozilla bug under CA Certificate Mis-Issuance
-
-
You should also report to CAs via the Problem Reporting Mechanism listed here: https://ccadb-public.secure.force.com/mozilla/CAInformationReport … Support often doesn't know what to do
-
Thank you for the pointers, will report to CAs through that mechansim and write up tests & result tomorrow!
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.