Dear Wayne, The previous email has some typos, corrected as follows.
1. When I was back to my office after the travlelling from England and disussed with my colleauges, I mailed the situation and the plan to Wayne and Kathleen on June 15. ====> When I was back to my office after the travleling from England and discussed with my colleagues, I mailed the situation and the plan to Wayne and Kathleen on June 15. 2. After our customer installed a new certificate (https://crt.sh/?id=519100183) in their web servers, network equipments and firewall, The certificate of https://crt.sh/?id=508868868 was revoked on June 21. ====> After our customer installed a new certificate (https://crt.sh/?id=519100183) in their web servers, network equipment and firewall, The certificate of https://crt.sh/?id=508868868 was revoked on June 21. Sincerely Yours, Li-Chun lcchen...@gmail.com於 2018年7月7日星期六 UTC+8下午11時39分17秒寫道: > Dear Wayne, > > Our two customers requested to use original CSR to issue two shorter > validity SSL certificates. By the re-issuance function of a program, to > insert original applications data, our SSL RA Officers checked the addresses > but they forgot to add L in Subject DN. So there are two SSL Certificates as > below lack of L or S in Subject DN. > > 1.Serial Number:20BD5F0B51809E44C0718AB133CA5E78 CN=*.sercomm.com, > O=中磊電子股份有限公司, C=TW or https://crt.sh/?id=508868868 > > 2.Serial Number:3CE33A6D8899A211FB2D296D9E0B69CB CN=app3.uupon.tw, > O=點鑽整合行銷股份有限公司, C=TW or https://crt.sh/?id=512788172 > > Our researchers of Telecommunication Laboratories of Chunghwa Telecom > found above issue on June 11 and told our SSL RA Officers to contact the > customers. When I was back to my office after the travlelling from England > and disussed with my colleauges, I mailed the situation and the plan to Wayne > and Kathleen on June 15. > > This certificate of https://crt.sh/?id=512788172 was revoked on June 11 > soon. > > We have re-issued new certificates for two customers as below: > > 42664EEA106F2CBF736ADBF949D4218F CN=*.sercomm.com, O=中磊電子股份有限公司, L=臺北市, C=TW > or https://crt.sh/?id=519100183 > > 100079C87402938109A5FEC040C5BE0F CN=app3.uupon.tw, O=點鑽整合行銷股份有限公司, L=臺北市, > C=TW or https://crt.sh/?id=549539943 > > After our customer installed a new certificate > (https://crt.sh/?id=519100183) in their web servers, network equipments and > firewall, The certificate of https://crt.sh/?id=508868868 was revoked on June > 21,. > > The checking function of Subject DN about either L or S are online June > 22. I mailed to Wayne and Kathleen on June 22. > > We confirm that the problem has been solved and will not happen in the > future. > > As we have discussed in CABF, Taiwan is a small country without > state/provinces. We follow X.500, X.520 and Taiwan’s government’s DIT for the > certificates. We can unique identify the subject without state/provinces and > locality in DN for a central government agency or a company. (For example, In > Taiwan's Company Act, > https://law.moj.gov.tw/Eng/LawClass/LawAll.aspx?PCode=J0080001, Article 18 > No company may use a corporate name which is identical with that of another > company. ). We really receive some subscribers of central government agency > or a company asked why your CA adds L in the subject DN of an SSL > certificate. We explain that we follow the BR about either L or S should be > in Subject DN now. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy