Hi,
It appears AlwaysOnSSL is not completely disabled - if we trust CT as
a timestamping service, [1] was issued after Hanno's email.
I believe AlwaysOnSSL has at least two separate paths to issuance - in
addition to the website, there's also an API on CertCenter's website.
[2] While reading the
On Mon, Jan 7, 2019 at 6:05 AM Rob Stradling wrote:
> On 02/01/2019 22:40, Wayne Thayer via dev-security-policy wrote:
>
> > Yes, the idea is that CT could remove the need to enforce intermediate
> > disclosures via policy.
>
> Hi Wayne. That seems at odds with (my understanding of) the
KIR recently misissued another (pre-)certificate with an organizationName
field containing too many characters [1]. This is despite being given
specific guidance earlier in this thread on the organizationName attribute
[2]. I have requested a new incident report in the bug [3].
A pre-certificate
Hi,
AlwaysOnSSL was a free certificate authority operated by CertCenter.
I recently noticed that their main webpage was gone, but pieces of the
service were still online.
I immediately found a few web security issues. I reported those to
certcenter and digicert (which is the root CA their
On 02/01/2019 14:10, Rob Stradling via dev-security-policy wrote:
> On 02/01/2019 13:44, info--- via dev-security-policy wrote:
>> We're reviewing what happened with this subCA, because it's reported to the
>> CCADB (like all other subCAs). At the moment we've seen that there are two
>>
5 matches
Mail list logo