DMARC -> CERT?
Scott Howard
scott at doc.net.au
Mon Apr 14 22:21:40 UTC 2014
On Mon, Apr 14, 2014 at 2:59 PM, Jim Popovitch <jimpop at gmail.com> wrote:
> 7-April: Monday, Yahoo's dmarc change kicks everyone in the groin, the
> last full week before the US tax filing deadline.
>
The change was made on the previous Friday, so that date is largely
irrelevant.
7-April: OpenSSL's *public* advisory (after a full week of private
> notifications, of which yahoo surely was one tech company in on the
> early notifications)
>
Given that many of their main services were vulnerable at the time of
public disclosure, I think that's a very large assumption to make...
If nothing else, I suspect the odds of it being known by the same people
that made the DMARC decision/changes is low.
Scott
More information about the NANOG
mailing list