<div dir="auto">Great, thanks! </div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Oct 13, 2022, 10:44 AM Josh Aas <<a href="mailto:josh@letsencrypt.org">josh@letsencrypt.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Great timing for this question. We are working with the folks from Princeton on a proposal that we plan to send to this list in the next couple of months.<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Oct 13, 2022 at 12:26 PM Ben Wilson via Validation <<a href="mailto:validation@cabforum.org" target="_blank" rel="noreferrer">validation@cabforum.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>All,</div><div>Do we need to somehow add something in the BRs to better protect subscribers against BGP hijacking?  See <a href="https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/lxiA7zcKLws/m/-1imDKu4AQAJ" target="_blank" rel="noreferrer">https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/lxiA7zcKLws/m/-1imDKu4AQAJ</a> and <a href="https://www.coinbase.com/blog/celer-bridge-incident-analysis" rel="nofollow noreferrer" target="_blank">https://www.coinbase.com/blog/celer-bridge-incident-analysis</a>. Is there something that CAs and subscribers can arrange ahead of time to prevent this kind of attack from succeeding? Could the CA/Browser Forum adopt something in the BRs that would be of benefit? <br></div><div>Thanks,</div><div>Ben<br></div></div>
_______________________________________________<br>
Validation mailing list<br>
<a href="mailto:Validation@cabforum.org" target="_blank" rel="noreferrer">Validation@cabforum.org</a><br>
<a href="https://lists.cabforum.org/mailman/listinfo/validation" rel="noreferrer noreferrer" target="_blank">https://lists.cabforum.org/mailman/listinfo/validation</a><br>
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr">Josh Aas<br>Executive Director<br>Internet Security Research Group<br>Let's Encrypt: A Free, Automated, and Open CA<br></div>
</blockquote></div>