On Thu, Sep 28, 2017 at 12:50 PM, Gervase Markham via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On 27/09/17 18:54, Matthew Hardeman wrote:
> > In the case of StartCom, I can not help but feel that they are being
> > held to an especially high standard (higher than
Several CAs have issued intermediate CA certificates with duplicate
serial numbers. This is a clear violation of the serial number
uniqueness requirement of the BRs and RFC5280 4.1.2.2. Below is a list
of all those known to crt.sh that chain to at least 1 NSS built-in root:
Issuer:
On 28/09/2017 18:11, Gervase Markham wrote:
On 22/09/17 00:12, Ryan Sleevi wrote:
Based on the number of reports reviewed recently, I suspect we've got
opportunities for improvement, but I'm not quite sure yet what the concrete
suggestions on that should look like. A few thoughts below:
3 matches
Mail list logo