I just found out that Apple doesn't limit "CA 沃通免费SSL证书 G2" intermediate CA even though Apple limited "WoSign CA Free SSL Certificate G2" intermediate CA. An example of site signed by"CA 沃通免费SSL证书 G2" intermediate CA is https://www.chelenet.com/
Those two intermediate certs are treated by WoSign the same way and the translation of "CA 沃通免费SSL证书 G2" is "WoSign CA Free SSL Certificate G2". Users can select whether the end cert is signed by "CA 沃通免费SSL证书 G2" or "WoSign CA Free SSL Certificate G2". All control measures are the same and the only difference is the language for marketing reasons. Hence, because Apple has chose to blocked "WoSign CA Free SSL Certificate G2", it makes sense to apply the same sanction on "CA 沃通免费SSL证书 G2", as they're in all senses the same. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy