On Wed, Aug 8, 2018 at 9:17 AM Hanno Böck wrote:
>
> As of today this is still unrevoked:
> https://crt.sh/?id=630835231&opt=ocsp
>
> Given Comodo's abuse contact was CCed in this mail I assume they knew
> about this since Sunday. Thus we're way past the 24 hour in which they
> should revoke it.
Thank you for the incident report Juan. I created
https://bugzilla.mozilla.org/show_bug.cgi?id=1481862 to track this issue.
Please update the bug as action items are completed.
On Wed, Aug 8, 2018 at 8:41 AM Ryan Sleevi via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On
On Wed, Aug 8, 2018 at 8:13 AM, Juan Angel Martin via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Hello,
>
> We detected 5 certificates issued with ERROR: organizationName too long
> (X.509 lint)
>
> 1. How your CA first became aware of the problem (e.g. via a problem
> r
Thanks! I think this is more in line with the goal of these discussions -
trying to learn, share, and disseminate best practices.
Here, the best practice is that, prior to any configuration, the CA should
determine what the 'model' certificate should look like. This model
certificate is, in effect
On Sun, 5 Aug 2018 15:23:42 -0500
Alex Cohn via dev-security-policy
wrote:
> The certificate [1] in the GitHub link you posted was issued by
> Comodo, not by GeoTrust. The two share a private key, though, so both
> the Comodo and GeoTrust certs should be considered compromised at
> this point. I'
Hello,
We detected 5 certificates issued with ERROR: organizationName too long (X.509
lint)
1. How your CA first became aware of the problem (e.g. via a problem report
submitted to your Problem Reporting Mechanism, a discussion in
mozilla.dev.security.policy, a Bugzilla bug, or internal self-a
Telia got a serious lesson with this incident that should not have happened.
Important detail also to know is that certificates were not issued to wrong
entities and issuing new certificates with wrong OID field was prevented
immediately.
1) Telia has a development process with multiple steps w
7 matches
Mail list logo