Here’s the crt.sh link for this certificate: https://crt.sh/?id=29884704
Can you provide more details about where this certificate came from? Did you issue it using one of the vulnerabilities discussed in this thread? > On Aug 26, 2016, at 01:12, 233sec Team <inaos...@gmail.com> wrote: > > Wosign's Issue mechanism is high risking for large enterprise. > This is one prove: > > https://gist.github.com/xiaohuilam/8589f2dfaac435bae4bf8dfe0984f69e > > Alicdn.com is the cdn asset domain name of Taobao/tmall who belong to > alibaba, which are Chinese biggest online shopping websites. > With the fake cert's middle man attack, password stealing, information > leaking... > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
