On Thursday, August 25, 2016 at 12:14:10 AM UTC-7, Richard Wang wrote: > We can post all 2015 issued SSL certificate to CT log server if necessary.
Is there any reason not to do that proactively? R: OK, we will post all 2015 issued SSL certificates to CT log server, but this take time since we issued 115K SSL certificate in 2015. For incident 1 - mis-issued certificate with un-validated subdomain, total 33 certificates. We have posted to CT log server and listed in crt.sh, here is the URL. Some certificates are revoked after getting report from subscriber, but some still valid, if any subscriber think it must be revoked and replaced new one, please contact us in the system, thanks. https://crt.sh/?id=7036355 https://crt.sh/?id=29805552 https://crt.sh/?id=7678955 https://crt.sh/?id=29805553 https://crt.sh/?id=29805554 https://crt.sh/?id=29805555 https://crt.sh/?id=29805556 https://crt.sh/?id=6798197 https://crt.sh/?id=29805558 https://crt.sh/?id=6798107 https://crt.sh/?id=29805559 https://crt.sh/?id=7728281 https://crt.sh/?id=29805560 https://crt.sh/?id=6639307 https://crt.sh/?id=29805561 https://crt.sh/?id=29805562 https://crt.sh/?id=6805650 https://crt.sh/?id=6739981 https://crt.sh/?id=7966229 https://crt.sh/?id=7094833 https://crt.sh/?id=29805563 https://crt.sh/?id=29805564 https://crt.sh/?id=29805565 https://crt.sh/?id=29805566 https://crt.sh/?id=29805567 https://crt.sh/?id=6843440 https://crt.sh/?id=29805568 https://crt.sh/?id=6999366 https://crt.sh/?id=29805569 https://crt.sh/?id=9534934 https://crt.sh/?id=29806448 https://crt.sh/?id=29813139 https://crt.sh/?id=29647048 For incident 0, the certificate issued related using higher level port validated, total 72 certificates. To be clear, those certificates are validated by website control validation method that using other port except 80 and 443. So we think those certificate no need to be revoked. The crt.sh link just for your reference. https://crt.sh/?id=29805572 https://crt.sh/?id=7022909 https://crt.sh/?id=7564839 https://crt.sh/?id=29805573 https://crt.sh/?id=29805574 https://crt.sh/?id=29805575 https://crt.sh/?id=29805576 https://crt.sh/?id=29805577 https://crt.sh/?id=6969460 https://crt.sh/?id=29805578 https://crt.sh/?id=29805579 https://crt.sh/?id=29805580 https://crt.sh/?id=29805581 https://crt.sh/?id=29805582 https://crt.sh/?id=29805584 https://crt.sh/?id=29805585 https://crt.sh/?id=29805586 https://crt.sh/?id=9911443 https://crt.sh/?id=29805587 https://crt.sh/?id=7122803 https://crt.sh/?id=29805588 https://crt.sh/?id=29805589 https://crt.sh/?id=9985267 https://crt.sh/?id=29805590 https://crt.sh/?id=29805591 https://crt.sh/?id=29805592 https://crt.sh/?id=29805593 https://crt.sh/?id=29805594 https://crt.sh/?id=7224978 https://crt.sh/?id=10917791 https://crt.sh/?id=29805595 https://crt.sh/?id=29805596 https://crt.sh/?id=29805597 https://crt.sh/?id=6788465 https://crt.sh/?id=7224923 https://crt.sh/?id=9169568 https://crt.sh/?id=6836953 https://crt.sh/?id=29805598 https://crt.sh/?id=8172756 https://crt.sh/?id=29805599 https://crt.sh/?id=29805600 https://crt.sh/?id=7021184 https://crt.sh/?id=29805601 https://crt.sh/?id=29805602 https://crt.sh/?id=29805603 https://crt.sh/?id=29805604 https://crt.sh/?id=6927114 https://crt.sh/?id=6777468 https://crt.sh/?id=9793847 https://crt.sh/?id=29805605 https://crt.sh/?id=29805606 https://crt.sh/?id=29805607 https://crt.sh/?id=29805608 https://crt.sh/?id=9932344 https://crt.sh/?id=29805609 https://crt.sh/?id=29805610 https://crt.sh/?id=6880740 https://crt.sh/?id=29805611 https://crt.sh/?id=29805612 https://crt.sh/?id=7015627 https://crt.sh/?id=10008992 https://crt.sh/?id=29805613 https://crt.sh/?id=29805614 https://crt.sh/?id=29805615 https://crt.sh/?id=29805616 https://crt.sh/?id=7046181 https://crt.sh/?id=29805617 https://crt.sh/?id=29805618 https://crt.sh/?id=29805619 https://crt.sh/?id=7121749 https://crt.sh/?id=29805620 https://crt.sh/?id=6999366 Best Regards, Richard _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy