Check the SSL Labs test:, rate F that 
even enabled SSL v2.

Best Regards,


On 16 Feb 2017, at 19:04, Nick Lamb via dev-security-policy 

On Wednesday, 15 February 2017 22:02:50 UTC, Rob Stradling  wrote:
This currently unrevoked cert has a SHA-1/RSA signature, the serverAuth
EKU and<>:

It lacks the SAN extension, but that doesn't excuse it from the ban on

At time of writing this certificate is installed on a web server, although I 
think only to re-direct visitors to the plain HTTP site. Whether the CA 
believed it would be used on a web server or not, that's what was done.

It's not clear to me whether this is a brochure site, and thus can just be 
upgraded or if it's actually part of the described HMRC SET system itself. 
Either way it's on the web.
dev-security-policy mailing list<>
dev-security-policy mailing list

Reply via email to