On 12/10/13 8:39 , Jan Schejbal wrote:
> Am 2013-12-10 16:18, schrieb Rob Stradling:
>>
>> The larger file with more info is here...
>> https://sslanalyzer.comodoca.com/igca_server_certs.zip
>
> Thanks, very nice!
>
> These look interesting:
>
> 8f5d29f6ae0f6aa472268de463dd2e397ddd1b50
> 1972268
> C=FR, O=Ministere education nationale (MENESR), OU=110 043 015, CN=AC
> Infrastructures
> your.server.address.com
>
> 899ec6db4ad070052aee3311de924e3dd3e995df
> 1973335
> C=FR, O=Ministere education nationale (MENESR), OU=110 043 015, CN=AC
> Infrastructures
> your.server.address.com
>
> For some reason, I have doubts about the quality of domain validation
> performed in these cases...
>
> I don't have a Certificate Transparency client set up - does anyone want
> to check if these have already been revoked?
There are also some truncated domain name mistakes:
364364fb7b2d4f226362452e82126079a87fa935 2675891 C=FR, O=Ministere
education
nationale (MENESR), OU=110 043 015, CN=AC Infrastructures
sympav6.ac-rouen.
cc81b6f89f913d961bf100b877f76285f9f8256c 1981947 C=FR, O=Ministere
education
nationale (MENESR), OU=110 043 015, CN=AC Infrastructures
espacecollaboratif.in.orion.education.f
cc81b6f89f913d961bf100b877f76285f9f8256c 1981947 C=FR, O=Ministere
education
nationale (MENESR), OU=110 043 015, CN=AC Infrastructures
espacecollaboratif.orion.education.f
In addition there's an entry for a .cp name ('cp' is not in ISO 3166):
8a42df4a54aa0e047c470f03122438c2499d9855 C=FR, O=MINEFI,
OU=TELEPROCEDURES,
CN=MINEFI-AC TELEPROCEDURES irasso69.appli.cp
There's also an entry for 'bv', which might be an internal name or might be
truncated (there are several certs with names of the form bv.ac-<academie
name?>.fr):
07fbc1b38557311c0008d6e363a040a7e7fba628 1890993 C=FR, O=Ministere
education
nationale (MENESR), OU=110 043 015, CN=AC Infrastructures bv
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy