[cabfpub] BR Authorized Ports, add 8443
Ryan Sleevi
sleevi at google.com
Thu Mar 1 16:18:24 UTC 2018
This was intentional and keeps the port numbers within the standard set of
'authorized' ports (in the notion of unix systems) - ports <1024 requiring
privileged access.
This is generally true (but not explicitly) on other systems.
Given that WoSign/WoTrus's past issuance systems allowed unprivileged users
to obtain certificates through the use of high port numbers (in this case,
for STUN/TURN services and SSH), I do not think it particularly wise or
encouraging to consider this.
On Thu, Mar 1, 2018 at 10:51 AM, Ben Wilson via Public <public at cabforum.org>
wrote:
> Forwarding from Richard Wang:
>
> The current BRs say:
>
> Authorized Ports: One of the following ports: 80 (http), 443 (http), 25
> (smtp), 22 (ssh).
>
> But many internal networks use the port 8443, broadly used in Apache
> server, today, one of our customers uses this port and can't change to use
> another port, I wish you can help to add this port 8443 to be allowed in
> the BRs, thanks.
>
> https://www.speedguide.net/port.php?port=8443, it says "8443 is the
> Common alternative HTTPS port."
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180301/d98ea518/attachment-0003.html>
More information about the Public
mailing list