Just reported this to Chunghwa Telecom Co., Ltd.: ----------
I'm contacting you about a problem with the certificate for *.hinet.net, as it can be found here [1]. The Authority Information Access / CA Issuers field points to: http://repository.publicca.hinet.net/certs/IssuedToThisCA.p7b According to RFC 5280 this must be a DER-encoded certificate. See also recent discussion on the Mozilla policy list [2]. However this does not look like a different certificate encoding (PKCS #7 binary). Please make sure you serve a correct, DER-encoded intermediate via the AIA field. [1] https://crt.sh/?id=206075223 [2] https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/g09ZgCRPVe0 -- Hanno Böck https://hboeck.de/ _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy