On Tuesday, August 30, 2016 at 1:03:57 AM UTC+2, Percy wrote: > "Some certificates are revoked after getting report from subscriber, but some > still valid, if any subscriber think it must be revoked and replaced new one, > please contact us in the system, thanks" > > WoSign seems to lack the basic understanding of how a certificate is used in > authentication, consequently unfit to be a CA, I call for revocation of > WoSign from all root programs immediately. > http://www.percya.com/2016/08/chinese-ca-wosign-faces-revocation.html
I concur absolutely and as such, urge all vendors to revoke WoSign as a trusted CA. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
