This is now on crt.sh here: https://crt.sh/?id=156475584&opt=cablint,x509lint
This is indeed a key compromise event, thanks for the level of detail provided. An attacker in control of a network could use this to impersonate https://drmlocal.cisco.com/ and leverage that to potentially steal a user's secure cookies from other Cisco subdomains if they were scoped to the whole cisco.com domain. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy