cacert-sysadm AT lists.cacert.org
Subject: CAcert System Admins discussion list
List archive
- From: "Sam Johnston" <samj AT samj.net>
- To: IanG <iang AT cacert.org>
- Cc: Philipp Guehring <philipp AT cacert.org>, CAcert System Administrators <cacert-sysadm AT lists.cacert.org>
- Subject: Re: [Cacert-sysadm] CAcert email address snafu
- Date: Thu, 28 Aug 2008 12:48:22 +0200
- List-archive: <http://lists.cacert.org/pipermail/cacert-sysadm>
- List-id: CAcert System Admins discussion list <cacert-sysadm.lists.cacert.org>
On Wed, Aug 27, 2008 at 3:46 PM, IanG <iang AT cacert.org> wrote:
Perhaps but this doesn work for many domains and would likely be unreliable. Such checks should go in the DNS itself, and be conducted as and when we see fit (probably as often as we can, within reason). Problems should be alerted and if not resolved promptly then certificates should be revoked. This solves the problem of domain turnover too (eg ownership changes).
Sam
$ whois iang.org | grep CAcert-auth
It looks a lot simpler to me than checking DNS, but I gather
DNS is checkable via other programs. Or, have I missed something?
Perhaps but this doesn work for many domains and would likely be unreliable. Such checks should go in the DNS itself, and be conducted as and when we see fit (probably as often as we can, within reason). Problems should be alerted and if not resolved promptly then certificates should be revoked. This solves the problem of domain turnover too (eg ownership changes).
Sam
- Re: [Cacert-sysadm] CAcert email address snafu, (continued)
- Re: [Cacert-sysadm] CAcert email address snafu, samj, 08/12/2008
- Message not available
- Re: [Cacert-sysadm] CAcert email address snafu, samj, 08/17/2008
- Message not available
- Re: [Cacert-sysadm] CAcert email address snafu, samj, 08/17/2008
- Message not available
- Re: [Cacert-sysadm] CAcert email address snafu, IanG, 08/18/2008
- Re: [Cacert-sysadm] CAcert email address snafu, Sam Johnston, 08/19/2008
- Re: [Cacert-sysadm] CAcert email address snafu, IanG, 08/19/2008
- Re: [Cacert-sysadm] CAcert email address snafu, Sam Johnston, 08/20/2008
- Re: [Cacert-sysadm] CAcert email address snafu, IanG, 08/22/2008
- Re: [Cacert-sysadm] CAcert email address snafu, Sam Johnston, 08/22/2008
- Re: [Cacert-sysadm] CAcert email address snafu, IanG, 08/28/2008
- Re: [Cacert-sysadm] CAcert email address snafu, Sam Johnston, 08/28/2008
- Re: [Cacert-sysadm] CAcert email address snafu, IanG, 08/29/2008
- Re: [Cacert-sysadm] CAcert email address snafu, Sam Johnston, 08/29/2008
- Re: [Cacert-sysadm] CAcert email address snafu, Philipp Guehring, 08/16/2008
- Re: [Cacert-sysadm] CAcert email address snafu, IanG, 08/17/2008
- Re: [Cacert-sysadm] CAcert email address snafu, samj, 08/17/2008
- Re: [Cacert-sysadm] CAcert email address snafu, samj, 08/17/2008
- Re: [Cacert-sysadm] CAcert email address snafu, IanG, 08/17/2008
- Re: [Cacert-sysadm] CAcert email address snafu, samj, 08/18/2008
- Re: [Cacert-sysadm] CAcert email address snafu, IanG, 08/18/2008
Archive powered by MHonArc 2.6.16.