Hi All, Yesterday I found a new false issued certificate for defence.external.int. It looks like the problems with Comodo are still not solved. Isn't it?
The certificate below has been issued by Comodo just a few days ago on the domain external.int which hasn't been registered. I'm surprised that this bug is still listed as "new" after it has been open for almost a year. Comodo apparently not solved the problem. They are still seen as a trusted certificate authority. But how many false issued certificate would there be on the Comodo roots? Or is this the only one? I don't think so. >>>>>>>>>>>>>>>>>>>> THE CERTIFICATE <<<<<<<<<<<<<<<<<<<< -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIQNDAhbYnYDq1arx2R5g5oWzANBgkqhkiG9w0BAQUFADB7 MQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD VQQHEwdTYWxmb3JkMRowGAYDVQQKExFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE AxMYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA5MTAyOTAwMDAwMFoXDTEw MTAyOTIzNTk1OVowgcQxCzAJBgNVBAYTAk5MMRAwDgYDVQQREwcyNTE2IEFCMRUw EwYDVQQIEwxadWlkLUhvbGxhbmQxEjAQBgNVBAcTCVRoZSBIYWd1ZTEVMBMGA1UE CRMMTWFhbndlZywgMTc0MRAwDgYDVQQKEwdJQ0MtQ1BJMQ0wCwYDVQQLEwRJQ1RT MSEwHwYDVQQLExhDb21vZG8gUHJlbWl1bVNTTCBMZWdhY3kxHTAbBgNVBAMTFGRl ZmVuY2UuZXh0ZXJuYWwuaW50MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/ OOGdLQkom++eMFElFnpHt6kJ5IXKYq0+xVMU2IzVtiFE9sbnJgDNVnmMAQckbWyR y9gd+6fmQDgruYWeCvGJKPOSv2VqqE74EaT2oBpgTEg/g3e3lpbVv8rWCuEx56bH Cq9oLeKnmnpIr9pEVIBHITEMOIhARd8Z2LHXYTFU2wIDAQABo4IBuzCCAbcwHwYD VR0jBBgwFoAUMEPcZM0ZXKnzGdI3CZaRngzo1j0wHQYDVR0OBBYEFItAyyoypBx2 5NiOQBkpJUZYt+cyMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEB AgEDBDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8ubmV0L0NQ UzB/BgNVHR8EeDB2MDqgOKA2hjRodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9BQUFD ZXJ0aWZpY2F0ZVNlcnZpY2VzXzIuY3JsMDigNqA0hjJodHRwOi8vY3JsLmNvbW9k by5uZXQvQUFBQ2VydGlmaWNhdGVTZXJ2aWNlc18yLmNybDA0BggrBgEFBQcBAQQo MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA5BgNVHREE MjAwghRkZWZlbmNlLmV4dGVybmFsLmludIIYd3d3LmRlZmVuY2UuZXh0ZXJuYWwu aW50MA0GCSqGSIb3DQEBBQUAA4IBAQAh2751OyeeorzVSe2dDadctYdNNnyEuYKp 8BFRdqjw2/R12zSNHDYaz13ETgFUFqimrdeRcDGgKyy6NC9q/QXmqxbYxnia1SoU 87TzxaK4zW7RlDwfMH2CtUmiSFuB5FAEEjaBsPBF/DrxH7yr8o+Cgb6TRSF8i+SV MDEBB/DSNeXggLVoBGSAM/qiDTTw0nRcgNX8MUNspMSyaVxjl2wjLKk4yJY9G6kE R2tzNFfwrrzOrAG9UMNwgqt6MsOEUIf+gSnInawG1DnZbD5gzD9xwU4rIDYs/Lw8 5hh7Ybse5li/RckCC1mAVWk56g9LNLRDoMFOtBwuPfU656nudg94 -----END CERTIFICATE----- >>>>>>>>>>>>>>>>>>>> WHOIS <<<<<<<<<<<<<<<<<<<< Registry: whois.iana.org Results: Domain external.int not found. This whois server only provides data for which IANA is authoritative, including ".int" domains, ".arpa" domains, top level domains, and some reserved names. >>>>>>>>>>>>>>>>>>>> CRL <<<<<<<<<<<<<<<<<<<< The crl at: http://crl.comodoca.com/AAACertificateServices_2.crl has no entry of this certificate with serial number: 3430216D89D80EAD5AAF1D91E60E685B Certificate Revocation List (CRL): Version 2 (0x1) Signature Algorithm: sha1WithRSAEncryption Issuer: /C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=AAA Certificate Services Last Update: Nov 3 01:51:21 2009 GMT Next Update: Nov 7 01:51:21 2009 GMT CRL extensions: X509v3 Authority Key Identifier: keyid:30:43:DC:64:CD:19:5C:A9:F3:19:D2:37:09:96:91:9E:0C:E8:D6:3D X509v3 CRL Number: 1139 -- With kind regards, Paul van Brouwershaven Networking4all B.V. ____________________________________________ Phone: (31) 20 7881030 Fax: (31) 20 7881040 Email: p.vanbrouwersha...@networking4all.com Internet: http://www.networking4all.com _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security