On 29/08/16 22:53, Percy wrote: > Gerv, I've notified the security team in Alibaba about this possible fake > cert and ask them to confirm that they have not applied a cert. > It's unlikely that Alibaba will use a free cert from WoSign. As a commercial > site, they usually use Verisign or globalSign
That might also help; thank you. Please ask them to contact me directly to confirm this cert was not requested by them. Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
