DMARC -> CERT?

• Previous message (by thread): DMARC -> CERT?
• Next message (by thread): DMARC -> CERT?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Apr 14, 2014 at 6:21 PM, Scott Howard <scott at doc.net.au> wrote:
> On Mon, Apr 14, 2014 at 2:59 PM, Jim Popovitch <jimpop at gmail.com> wrote:
>>
>> 7-April: Monday, Yahoo's dmarc change kicks everyone in the groin, the
>> last full week before the US tax filing deadline.
>
>
> The change was made on the previous Friday, so that date is largely
> irrelevant.
>
>> 7-April: OpenSSL's *public* advisory (after a full week of private
>> notifications, of which yahoo surely was one tech company in on the
>> early notifications)
>
>
> Given that many of their main services were vulnerable at the time of public
> disclosure, I think that's a very large assumption to make...
>
> If nothing else, I suspect the odds of it being known by the same people
> that made the DMARC decision/changes is low.

I think you are right on that, but that doesn't change the fact that
the sum of those things overburdened a lot of mailinglist operators.
It is what it is, and the press has covered it and mailinglists are
blocking/unsub'ing yahoo accounts in order to cope.

-Jim P.

• Previous message (by thread): DMARC -> CERT?
• Next message (by thread): DMARC -> CERT?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]