On 09/08/16 00:16, Kathleen Wilson wrote: <snip>
It seems to me that as long as a revoked intermediate certificate has been disclosed (i.e. in Salesforce) that the certificates that it signed do not need to be disclosed.
I've just changed "Probably!" to "Unknown" (for the "Unconstrained, but all unexpired observed paths Revoked" group on https://crt.sh/mozilla-disclosures).
"Unknown" is appropriate because crt.sh cannot know whether or not it has observed all of the paths that exist.
<snip> -- Rob Stradling Senior Research & Development Scientist COMODO - Creating Trust Online _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy