Here is a Google Spreadsheet without the subordinates that have EKU restrictions. I didn't match to SalesForce, so most of these are probably already in there.
https://docs.google.com/spreadsheets/d/14lO33nW-tTN86Vq_urmI6IAIWRPZgd1KKfzvrLk5TZQ/edit?usp=sharing On Wed, Apr 27, 2016 at 6:11 PM, Wayne Thayer <[email protected]> wrote: > My understanding is that CAs are not to add CAs with an EKU extension that > doesn't include anyEKU or serverAuth, but this list appears to include those? > > Thanks, > > Wayne > >> -----Original Message----- >> From: dev-security-policy [mailto:dev-security-policy- >> [email protected]] On Behalf Of Richard >> Barnes >> Sent: Wednesday, April 27, 2016 5:16 PM >> To: [email protected] >> Cc: Zakir Durumeric <[email protected]> >> Subject: Undisclosed CA certificates >> >> Dear CAs, >> >> As you guys are working toward the June 30 deadline for disclosing >> intermediate certificates in SalesForce, I thought I would share some notes >> on the undisclosed certificates that we're seeing, so that you can make sure >> you get them all uploaded. >> >> Zakir Durumeric from UMich/Censys.io has helpfully compiled a list of CA >> certificates that have been observed in Censys scans of the Internet, and >> noted which of those certificates are not in SalesForce so far. >> >> I've posted the list here for your reference: >> https://gist.github.com/bifurcation/bf994d9fc3753f78472da8233da1fe52 >> >> Note that this list is static, so if you add a certificate to SalesForce, it >> won't >> instantly disappear from this list. But we'll try to update it every so >> often as >> we approach June 30, and will notify this list when we do. >> >> Cheers, >> --Richard >> _______________________________________________ >> dev-security-policy mailing list >> [email protected] >> https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
