Hi Wayne and all,
I've been noticing an increasing number of CA errors, https://crt.sh/?cablint=issues Is anyone monitoring this list and asking for misissuance reports for those that are not compliant? There are 15 different errors and around 300 individual errors (excluding the SHA-1 "false" errors). Some CAs are issuing certs to CNs of localhost, are including RFC822 SANs, not including OCSP links and many more. - Actalis, - Digicert, - Microsoft, - There are also some warning checks that should actually be errors like underscores in CNs or SANs. Doug
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
