On Thu, Jul 14, 2016 at 02:52:41AM -0700, Nick Lamb wrote:
> On Thursday, 14 July 2016 05:18:20 UTC+1, Andrew Ayer wrote:
> > Revocation does not address the risk that this mis-issuance has caused
> > to the ecosystem, since collided certificates (the ones we cannot see,
> > and need to be
On Thu, 14 Jul 2016 02:52:41 -0700 (PDT)
Nick Lamb wrote:
> On Thursday, 14 July 2016 05:18:20 UTC+1, Andrew Ayer wrote:
> > Revocation does not address the risk that this mis-issuance has
> > caused to the ecosystem, since collided certificates (the ones we
> > cannot
On 7/13/16 8:02 PM, sanjay_m...@symantec.com wrote:
On Tuesday, July 12, Symantec erroneously produced and issued 8 SHA-1
certificates in support of one customer’s application to submit SHA-1 TBS
Certificates to the CA/B Forum for a SHA-1 exception. Symantec has revoked the
certificates. An
On Thursday, 14 July 2016 05:18:20 UTC+1, Andrew Ayer wrote:
> Revocation does not address the risk that this mis-issuance has caused
> to the ecosystem, since collided certificates (the ones we cannot see,
> and need to be worried about) have different serial numbers and
> therefore do not
On 14/07/16 05:17, Andrew Ayer wrote:
Have the key pairs been used previously?
Hi Andrew.
All 8 of these SHA-1 precertificates are known to CT and crt.sh. The
same 8 public keys appear in a further 8 SHA-256 precertificates that
were issued 5 days earlier by a different Symantec issuing
5 matches
Mail list logo