Yesterday, Andrew Ayer reported two additional misissued certificates: * Space in SAN, issued yesterday: https://bugzilla.mozilla.org/show_bug.cgi?id=1539531#c7 * O=Entreprise TEST, issued in January: https://bugzilla.mozilla.org/show_bug.cgi?id=1496088#c20
I've added these to the issues list. On April 17, 2019 at 2:44:44 AM, Wayne Thayer via dev-security-policy ( > dev-security-policy@lists.mozilla.org) wrote: > > Mozilla has decided that there is sufficient concern [1] about the > activities and operations of the CA Certinomis to collect together a list > of issues. That list can be found here: > https://wiki.mozilla.org/CA/Certinomis_Issues > > Note that this list may expand or contract over time as issues are > investigated further, with information either from our or our community's > investigations or from Certinomis. > > We expect Certinomis to engage in a public discussion of these issues and > give their comments and viewpoint. We also hope that our community will > make comments, and perhaps provide additional information based on their > own investigations. > > When commenting on these issues, please clearly state which issue you are > addressing on each occasion. The issues have been given identifying letters > and numbers to help with this. > > At the end of a public discussion period between Mozilla, our community, > and Certinomis, which we hope will be no longer than a couple of weeks, > Mozilla will move to make a decision about how to respond to these > concerns, based on the picture which has then emerged. > > - Wayne > > [1] > https://wiki.mozilla.org/CA/Maintenance_and_Enforcement#Recurring_Issues > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
