In case nobody saw it yet, those things were in the news:
https://community.rapid7.com/community/infosec/sonar/blog/2014/09/04/107000-web-sites-no-longer-trusted-by-mozilla
http://threatpost.com/mozilla-1024-bit-cert-deprecation-leaves-107000-sites-untrusted/108114
I think those are misleading:
- They count certificates that already expired
- They probably count certificates seen on multiple IPs multiple times
- They don't take into account that the site might send an alternative
root that is not 1024 bit.
Hubert Kario's stats posted here are way more useful.
Kurt