On 4/14/15 8:50 AM, yuhongbao_...@hotmail.com wrote:
On Thursday, March 19, 2015 at 1:02:06 PM UTC-7, Peter Bowen wrote:
On Wed, Mar 18, 2015 at 12:40 PM, Kathleen Wilson <kwil...@mozilla.com> wrote:
I propose removing the following root cert from NSS, due to inadequate audit
statements.
Issuer:
CN = e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi
O = Elektronik Bilgi Guvenligi A.S.
C = TR
In the Pilot CT log, which includes every certificate that the Google
crawler has seen, I found 19 unexpired certificates issued by this CA.
Their subjects are as follows (using the default OpenSSL DN to string
method):
<snip>
FYI, the cert for ttgoldguide.com was just renewed, at first with a 1024-bit
DSA cert that was probably a mistake:
<snip>
Of course it has been replaced with a 1024-bit RSA certificate
Thanks to all of you who participated in this discussion and provided
data about certificates this CA hierarchy.
We are proceeding with the removal of this root certificate in the
following bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=1145270
This change is in NSS 3.18.1, which is expected to land in Firefox 38.
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy