Thanks for spotting this Charles. We've reached out to Postecom.it for an explanation and with a request that they revoke the certificate immediately and reissue it with the proper contents. Ben Wilson DigiCert VP of Compliance
-----Original Message----- From: dev-security-policy [mailto:[email protected]] On Behalf Of Charles Reiss Sent: Monday, January 25, 2016 1:23 AM To: [email protected] Subject: Re: SHA1 certs issued this year chaining to included roots On 01/19/16 01:49, Charles Reiss wrote: > Via censys.io, I found a couple SHA-1 certs with notBefore dates from > this year which chain to root CAs in Mozilla's program: [snip] And here are a couple more, from different subCAs: - https://crt.sh/?id=12131821 -- chaining to Deutsche Telekom Root CA 2 [T-Systems] via subCA "Shared Business CA 3" - https://crt.sh/?id=12203339 -- chaining to Baltimore CyberTrust Root (again) this time via (presumably external) subCA "Postecom CS3" Also, the OCSP responder for this certificate appears to use an OCSP responder certificate for some subCA with CN=Postecom CA3 (instead of CS3). Even SHA-256 certificates from this subCA (e.g. https://crt.sh/?id=12138276) appear to have an Authority Key Identifier extension that specifies the serial number of the subCA cert instead of the keyid: X509v3 Authority Key Identifier: DirName:/C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root serial:07:27:52:62 Does this mean they couldn't be used with a SHA-256 version of the subCA certificate? _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
