Dear CAs, As you guys are working toward the June 30 deadline for disclosing intermediate certificates in SalesForce, I thought I would share some notes on the undisclosed certificates that we're seeing, so that you can make sure you get them all uploaded.
Zakir Durumeric from UMich/Censys.io has helpfully compiled a list of CA certificates that have been observed in Censys scans of the Internet, and noted which of those certificates are not in SalesForce so far. I've posted the list here for your reference: https://gist.github.com/bifurcation/bf994d9fc3753f78472da8233da1fe52 Note that this list is static, so if you add a certificate to SalesForce, it won't instantly disappear from this list. But we'll try to update it every so often as we approach June 30, and will notify this list when we do. Cheers, --Richard _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
