On Tuesday, November 22, 2016 at 12:16:43 PM UTC-8, [email protected] wrote: > Between 11:30am and 4pm Pacific on November 21, 2016, a problem with > the Let’s Encrypt issuance blocklist was identified, confirmed, and fixed. > > <snip> > The following certificates were found to have been mis-issued by policy, > though there is no sign that they were used maliciously and domain control > was properly demonstrated via DV validation. >
I have filed https://bugzilla.mozilla.org/show_bug.cgi?id=1319609 to track Mozilla's response to this incident report. Kathleen _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
