In https://bugzilla.mozilla.org/show_bug.cgi?id=1301731 it was reported that
SHA-1 SSL certs have recently been issued in the IGC/A CA Hierarchy that is
owned by Government of France (ANSSI,DCSSI).
This root cert was already name constrained via
And was already slated for removal after this year via
Since recently issued SHA-1 SSL certs have been detected, we are going to speed
up the removal of this root cert. The CA has been cooperative, and they are
working with their customer to remove these SHA-1 certificates. The CA has
requested that their root cert be removed, in order to avoid this type of
situation in the future.
dev-security-policy mailing list