On Tue, May 20, 2014 at 12:31:14PM -0600, Jeremy Rowley wrote: > I saw that he's contacting CAs about the missing SANs, but what about the > other issues? I'd be very interested in hearing about any non-compliant > certs related to DigiCert (if there are any).
Running a query on all issuers with DigiCert somewhere in the name for certificates generated since February I see no error for any of my tests. (I see 7 issuers.) If I look starting from May 2013 I see 22 with a missing SAN, 2 with invalid encoding, 1 with non-printable charcaters over 16 issuers. If you want I can send examples. Kurt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy