AW: Incident report D-TRUST: syntax error in one tls certificate

2018-11-27 Thread Buschart, Rufus via dev-security-policy
To simplify the process of monitoring crt.sh, we at Siemens have implemented a little web service which directly queries crt.sh DB and returns the errors as JSON. By this you don't have to parse HTML files and can directly integrate it into your monitoring. Maybe this function is of interest

Re: Incident report D-TRUST: syntax error in one tls certificate

2018-11-27 Thread Enrico Entschew via dev-security-policy
Am Montag, 26. November 2018 18:34:38 UTC+1 schrieb Jakob Bohm: > In addition to this, would you add the following: > > - Daily checks of crt.sh (or some other existing tool) if > additional such certificates are erroneously issued before > the automated countermeasures are in place? Thank

Re: Violation report - Comodo CA certificates revocation delays

2018-11-27 Thread waryde--- via dev-security-policy
Friday, October 12, 2018 14:28:47 UTC+2 Robin Alden wrote: > I understand the OP's concern and will respond to the bug shortly. Given that 45 days passed now, the internal definition of "shortly" used by Comodo seems to differ a lot from the common use of the term.

Re: Request to Include emSign Root CA - G1, emSign Root CA - G3, emSign Root CA - C1, and emSign Root CA - C3

2018-11-27 Thread Vijay Kumar via dev-security-policy
Hi, Happy to inform the availibility of Period of Time Audit reports. The audit reports are dated 08-Oct-2018, and the corresponding Webtrust seals are available at https://repository.emsign.com Links to individual audit reports. WebTrust CA: