On January 18, 2019, Entrust discovered that 9 SSL certificates with underscore characters which were issued for more than 30 days were not revoked before 15 January 2019. All certificates were revoked on 18 January 2019.
Details of the incident report can be found here, https://bugzilla.mozilla.org/show_bug.cgi?id=1521520. Thanks, Bruce. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy