On 09/11/17 13:09, Rob Stradling via dev-security-policy wrote:
On 06/11/17 22:26, Rob Stradling via dev-security-policy wrote:
<snip>
On Monday 6th November, we scanned the certificates that we'd issued
between 20th October and 5th November. 8 further server
authentication certificates were found, all for subdomains of the same
registered domain. We will get these revoked and then post the details.
The 8 further certs have been revoked and submitted to some CT logs.
They're all related to the same registered domain (kindermorgan.com).
There's yet another SCADA reference ("OU=IT SCADA").
https://crt.id/?id=250561714
https://crt.id/?id=250561721
https://crt.id/?id=250561722
https://crt.id/?id=250561723
https://crt.id/?id=250561724
https://crt.id/?id=250561725
https://crt.id/?id=250561728
https://crt.id/?id=250561731
Sorry for the URL construction fail. The correct URLs are:
https://crt.sh/?id=250561714
https://crt.sh/?id=250561721
https://crt.sh/?id=250561722
https://crt.sh/?id=250561723
https://crt.sh/?id=250561724
https://crt.sh/?id=250561725
https://crt.sh/?id=250561728
https://crt.sh/?id=250561731
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
