On 24/01/17 14:11, [email protected] wrote:
I was searching on crt.sh and I found something confusing by accident.
View this page : https://crt.sh/?Identity=%25&iCAID=7198
I can see many SHA-1 certificates issued in 2016 and one is issued in 2017.
I think it was banned before so someone could tell me why they can issue these
SHA-1 certificates?
SHA-1 certificate issued in 2017 : https://crt.sh/?id=71625342
Hi Liu.
The "Symantec Private SSL SHA1 CA" intermediate CA chains only to roots
that are no longer trusted by Mozilla. (However, those roots are still
trusted by Microsoft, Apple and (for EV) Chrome).
See the "Trust" matrix on https://crt.sh/?caid=7198
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
