DigiCert CPS section 1.5.2 [1] could also more clearly state that [email protected] is the correct address for 'reporting suspected Private Key Compromise, Certificate misuse, or other types of fraud, compromise, misuse, inappropriate conduct, or any other matter related to Certificates.' Since both email addresses are listed in that section, it's not difficult to mistake [email protected] as the problem reporting mechanism, even though the last sentence in 1.5.2.1 implies that [email protected] is for problem reporting.
- Wayne [1] https://www.digicert.com/wp-content/uploads/2019/04/DigiCert_CPS_v418.pdf On Thu, May 9, 2019 at 3:46 PM Andrew Ayer via dev-security-policy < [email protected]> wrote: > On Thu, 9 May 2019 14:47:05 +0000 > Jeremy Rowley via dev-security-policy > <[email protected]> wrote: > > > Hi Han - the proper alias is [email protected]. The support alias > > will sometimes handle these, but not always. > > Is that also true of SSL certificates? [email protected] is listed > first at > > https://ccadb-public.secure.force.com/mozilla/ProblemReportingMechanismsReport > > That should be fixed if [email protected] is not the right place to > report problems with SSL certificates. > > Regards, > Andrew > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
