On 03.01.2009 20:01, Eddy Nigg wrote:
the other layers of defense
Please don't call the blacklist a real "layer of defense". If he didn't
try to get a cert for paypal.com, it would have worked. All layers
failed. Please be honest enough to yourself to admit that, so that you
can try to find new layers or checks.
the "attacker" was banned from the StartCom network
FWIW, I think it's a bit overreaction to immediately revoke *all* his certs.
The staff has reacted incredible fast and awareness high as well.
Yes, that surprised me, too.
Even during the day, it was fairly fast. But it in the middle of the
night (midnight and later), right? The times were local time (Israel) or
UTC?
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
