It is posted, just Peter not find it that I told him the Log id. We are also checking system again to double check if we missed some.
Please be patient for our full 20 pages report, thanks, Regards, Richard > On 4 Sep 2016, at 12:12, Matt Palmer <mpal...@hezmatt.org> wrote: > >> On Sat, Sep 03, 2016 at 02:18:44PM -0700, Peter Bowen wrote: >> Can you also please check the following two certificates? It looks >> like they were missed when logging all the 2015 certs. >> >> https://www.censys.io/certificates/c04748c89de2bf73d56b601cf61db32953dfeca5ef62e0281d326c4ce9035fe2 >> https://www.censys.io/certificates/d99309f071141454f805c13551a827aa116bb53daefd8609e296c06b0dcdf720 >> >> Additionally, it looks like there may be a gap in logging for 2016. >> For example, >> https://www.censys.io/certificates/06797f8095ba4d9c9ec5b9475cff7df3b258069cc89f303cd91dc329eaf0c08f >> does not show up in any log. > > Our of curiosity, is anyone keeping a tally of the number of times WoSign > has said, "yep, they're all logged now", only to have more unlogged > certificates turn up? This is starting to feel like a bit of a repeat of > DigiNotar, insofar as a CA doesn't appear to have a clear record of all > issuance. > > - Matt > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
