On Sat, Sep 3, 2016 at 10:11 PM, Richard Wang <rich...@wosign.com> wrote: > It is posted, just Peter not find it that I told him the Log id.
Richard, Thank you for providing the log ids. I am glad to see these are now logged, but I will point out the log timestamps for these two certificates are both later than the time of the email saying all were logged. I did not find them because they were not logged when I was looking. Thanks, Peter > We are also checking system again to double check if we missed some. > > Please be patient for our full 20 pages report, thanks, > > Regards, > > Richard > >> On 4 Sep 2016, at 12:12, Matt Palmer <mpal...@hezmatt.org> wrote: >> >>> On Sat, Sep 03, 2016 at 02:18:44PM -0700, Peter Bowen wrote: >>> Can you also please check the following two certificates? It looks >>> like they were missed when logging all the 2015 certs. >>> >>> https://www.censys.io/certificates/c04748c89de2bf73d56b601cf61db32953dfeca5ef62e0281d326c4ce9035fe2 >>> https://www.censys.io/certificates/d99309f071141454f805c13551a827aa116bb53daefd8609e296c06b0dcdf720 >>> >>> Additionally, it looks like there may be a gap in logging for 2016. >>> For example, >>> https://www.censys.io/certificates/06797f8095ba4d9c9ec5b9475cff7df3b258069cc89f303cd91dc329eaf0c08f >>> does not show up in any log. >> >> Our of curiosity, is anyone keeping a tally of the number of times WoSign >> has said, "yep, they're all logged now", only to have more unlogged >> certificates turn up? This is starting to feel like a bit of a repeat of >> DigiNotar, insofar as a CA doesn't appear to have a clear record of all >> issuance. >> >> - Matt >> >> _______________________________________________ >> dev-security-policy mailing list >> dev-security-policy@lists.mozilla.org >> https://lists.mozilla.org/listinfo/dev-security-policy > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
