On 09/05/16 21:07, Rob Stradling wrote:
<snip>
Ben: You might want to fix this record in Salesforce.
Ben, two more of the entries you added have the wrong SHA-1 fingerprint...
ECRaizEstado - d34b Baltimore Baltimore CyberTrust Root SCEE
ECRaizEstado 6DB6F9D0D20096775111D24809BFD740F69C424B
...is actually this cert...
https://crt.sh/?q=B5C4B2C32D007F6567ECD2A70A92E8B6062CA21A
Vodafone (Corporate Services 2009) Vodafone Group Vodafone (Corporate
Domain 2009) Vodafone Group Vodafone (Corporate Services 2009)
FA4DAA0C2C40550449BFFBE6C52E8BDCAB256534
...is actually this cert...
https://crt.sh/?q=8791A164253A86DECC7987A2637C4F103F7CB7E3
In both cases, the "X.509 Certificate (PEM)" field contains more than
just the base64-encoded certificate and PEM header/footer.
Kathleen: Is it possible to persuade Salesforce to validate the entered
data correctly, so that CAs are alerted when something like this happens?
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
