We do not intend to revoke the end-user certificates. We consider this to be a compliance issue for the CA certificates only. The CAs (i.e. the private keys) and end-user certificates issued from the CAs are not affected.
Regards Mads -----Original Message----- From: dev-security-policy <dev-security-policy-boun...@lists.mozilla.org> On Behalf Of Malcolm Doody via dev-security-policy Sent: onsdag 27. mars 2019 00:42 To: mozilla-dev-security-pol...@lists.mozilla.org Subject: Buypass Incident Report - intermediate certificates noncompliant with BR 7.1 Are you intending to revoke all of the end-user certificates issued from the non compliant certificates? If not, then can you state why? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy