-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Koen,
The compromised certificate for drmlocal.cisco.com serial number 6170CE2EC8B7D88B4E2EB732E738FE3A67CF672 has been revoked. A new certificate is being reissued to drmlocal.cisco.com and we will work with the developers of the YES video player to ensure that the issue does not happen again. If you should find such an issue again in a Cisco owned domain, please report it to ps...@cisco.com and we will ensure that prompt and proper actions are taken. Regards, - -Troy - -- Troy Fridley, CISSP Incident Manager, Cisco PSIRT Phone: 614-336-4385 E-Mail: troy.fridleyATcisco.com PGP Key ID: 0x7B31ED20 -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iEYEARECAAYFAllGmSwACgkQ1ANYX3sx7SASCgCg/ABvJQZSZf+pIG16AMgMPwF8 z4oAnRrpx2I5NJizxg2H1aftlwyJ15fT =ayil -----END PGP SIGNATURE----- On Sunday, June 18, 2017 at 5:18:23 AM UTC-4, Koen Rouwhorst wrote: > > If this is indeed considered a key compromise, where do I go from here, and > what are the recommended steps to take? Do I need to contact the subscriber > (Cisco), and ask them to send a revocation request for this certificate to > the issuer? Or do I need to notify the issuer (HydrantID), and ask them to > revoke this certificate? > > Thanks. > > Best regards, > Koen Rouwhorst _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy