I came across an interesting certificate today: https://crt.sh/?id=2385087905
According to Censys, this certificate is publicly trusted on of the major root programs. This certificate has a very long lifetime, and just seems to be *weird* in a lot of ways. Are these types of certificates okay to issue from a publicly trusted roots/intermediates? It does seem that the issuer has been revoked on Mozilla per crt: https://crt.sh/?caid=74630 -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/4e406d31-098a-487b-90d2-704c9ea39740n%40mozilla.org.