On 12/10/13 7:18 , Rob Stradling wrote: > On 10/12/13 14:46, Rob Stradling wrote: > <snip> >> I tried to send a larger file just now (with more info), but I'd >> forgotten that this list has a 40KB limit on attachments. > > The larger file with more info is here... > https://sslanalyzer.comodoca.com/igca_server_certs.zip > > Column 1: SHA-1(Certificate) > Column 2: Entry ID in the Google CT Pilot Log > Column 3: Issuer Name > Column 4: Server Identity (SAN->dNSName, SAN->iPAddress or Subject->CN) >
This list contains a bunch of RFC 1918 addresses (two under 10/8, around 111 under 172.16/12, 9 under 192.168/16). This appears to contradict https://bug368970.bugzilla.mozilla.org/attachment.cgi?id=355447 (information gathering for inclusion of what I think is this root; see the private IPs under "problematic practices" section). _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
