I submitted a compromised key report to Sectigo [ssl_ab...@sectigo.com] on 1
May 2020 at 2:03pm UTC but Sectigo failed to revoke the certificate per
cab-forum guidelines [4.9.1.1. Reasons for Revoking a Subscriber Certificate].
Upon submitting my report [case ref: _00D1N2Ljih._5003l11VztU], I
On Mon, May 04, 2020 at 08:45:34AM -0700, sandybar497--- via
dev-security-policy wrote:
> Additionally, Sectigo referred to pwnedkeys as
> some sort of authority that they say it’s not compromised.
Bless their little cotton socks, pwnedkeys is now such an authority that
Sectigo thinks I've got
On Tue, May 5, 2020 at 12:35 PM sandybar497--- via dev-security-policy
wrote:
>
> I submitted a compromised key report to Sectigo [ssl_ab...@sectigo.com] on 1
> May 2020 at 2:03pm UTC but Sectigo failed to revoke the certificate per
> cab-forum guidelines [4.9.1.1. Reasons for Revoking a
On 5/4/20 9:31 AM, Corey Bonnell wrote:
Thank you very much for the clarifications. If I'm understanding correctly, it
sounds like Mozilla is considering to add sub-items of item 4 on the survey as
Mozilla Root Program requirements if the associated CAB Forum ballot does not
pass. However, there
Forwarded Message
Subject: Summary of May 2020 Outdated Audit Statements for Intermediate
Certs
Date: Tue, 5 May 2020 14:00:08 + (GMT)
CA Owner: SECOM Trust Systems CO., LTD.
- Certificate Name: SECOM Passport for Web MH CA
SHA-256 Fingerprint:
5 matches
Mail list logo