On 09/12/13 12:42, Ralf Skyper Kaiser wrote: > I added the incident to https://wiki.thc.org/ssl#OtherIncidents
This is incorrectly listed - the heading here is "Other leading Root Certification Authorities had security breaches, some of them allowed the attacker to issue valid certificate for any domain." As far as anyone is aware, there was no attack on the CA and no security breach in this case. You either need to change the heading, or remove ANSSI and TurkTrust and Trustwave from the list. > Will there be more public information available? The Mozilla bug is now open: https://bugzilla.mozilla.org/show_bug.cgi?id=946351 and Google has published most of the cert chain: https://www.imperialviolet.org/binary/anssi-chain.txt Gerv
