All, In https://bugzilla.mozilla.org/show_bug.cgi?id=1301731 it was reported that SHA-1 SSL certs have recently been issued in the IGC/A CA Hierarchy that is owned by Government of France (ANSSI,DCSSI).
This root cert was already name constrained via https://bugzilla.mozilla.org/show_bug.cgi?id=952572 And was already slated for removal after this year via https://bugzilla.mozilla.org/show_bug.cgi?id=1272156 Since recently issued SHA-1 SSL certs have been detected, we are going to speed up the removal of this root cert. The CA has been cooperative, and they are working with their customer to remove these SHA-1 certificates. The CA has requested that their root cert be removed, in order to avoid this type of situation in the future. Kathleen _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
