On Monday, 19 June 2017 20:57:28 UTC+1, Tavis Ormandy wrote: > I noticed there's an apparently valid facebook.com certificate in there > (61b1526f9d75775c3d533382f36527c9.pem). This is surprising to me, that > seems like it would be in CT already - so maybe I don't know what I'm doing. > > Let me know if I've misunderstood something. > > Tavis.
Thanks for uploading these. I submitted that one in particular which can now be seen here: https://crt.sh/?id=157454198 This is the certificate for a precertificate which was already in the CT logs: https://crt.sh/?id=81124044 (crt.sh handily has links in both directions between both certificates now that it knows about both) and the issuance is therefore "known" already, but the final signed certificate was not seen by any logs. It is useful to have the final certificate now as well. I haven't looked at any of the others, but I imagine this case only covers a small percentage of the total. When someone here with a more automated approach to submitting the certificates (along with their intermediates) analyses them I imagine we will see some interesting results. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy