Hello Ryan, thanks for your reply. El lunes, 4 de marzo de 2019, 18:20:20 (UTC+1), Ryan Sleevi escribió: > > Just to make sure: This isn't really a question about CT at all, is it? > It's a question about CAs performing testing in production that leads to > misissuances. >
Mostly is the second: I asked about the existence of good/recommended/approved practices for doing tests, that could have been discussed here in the past. > As with any system, care should be taken before doing testing in production. (...) I agree with you on all that... I just think that repeating pre-prod tests once in production, specially after big changes, is not an option but a must... And the more positively-encouraged are the CAs to make tests, even trying to break their own systems, by their own means or by hiring external hackers, the better for all. Sorry if this went off-topic. The fact that this problem occurred while a CA was doing tests raised my interest. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
