Skip to Content.
Sympa Menu

cacert-sysadm - Re: [Cacert-sysadm] CAcert email address snafu

cacert-sysadm AT lists.cacert.org

Subject: CAcert System Admins discussion list

List archive

Re: [Cacert-sysadm] CAcert email address snafu


Chronological Thread 
  • From: "Sam Johnston" <samj AT samj.net>
  • To: IanG <iang AT cacert.org>
  • Cc: Philipp Guehring <philipp AT cacert.org>, CAcert System Administrators <cacert-sysadm AT lists.cacert.org>
  • Subject: Re: [Cacert-sysadm] CAcert email address snafu
  • Date: Thu, 28 Aug 2008 12:48:22 +0200
  • List-archive: <http://lists.cacert.org/pipermail/cacert-sysadm>
  • List-id: CAcert System Admins discussion list <cacert-sysadm.lists.cacert.org>

On Wed, Aug 27, 2008 at 3:46 PM, IanG <iang AT cacert.org> wrote:

$ whois iang.org | grep CAcert-auth

It looks a lot simpler to me than checking DNS, but I gather
DNS is checkable via other programs.  Or, have I missed something?

Perhaps but this doesn work for many domains and would likely be unreliable. Such checks should go in the DNS itself, and be conducted as and when we see fit (probably as often as we can, within reason). Problems should be alerted and if not resolved promptly then certificates should be revoked. This solves the problem of domain turnover too (eg ownership changes).

Sam
 



Archive powered by MHonArc 2.6.16.

Top of Page