On Tuesday, February 28, 2017 at 6:00:47 PM UTC+2, Nick Lamb wrote: > This is useful independent evidence that (at least some of) the names did > exist at one time.
The problem is that they're "re-keying" certificates for domains that are no longer in control of their subscribers (as Andrew Ayer brought up, they're allowed to do that). I reviewed 4 certificates, out of the 38 domains I checked, 1 is alive and using Incapsula+GlobalSign cert (testslsslmay15.com). https://crt.sh/?id=96720534: Validity: - Not Before: Feb 23 16:11:07 2017 GMT - Not After : Aug 1 10:08:40 2017 GMT X509v3 Subject Alternative Name: - DNS:test-ssldomnew.com - DNS:test02dec.com - DNS:testmacsldec2.net - DNS:testmacsldec2.org - DNS:testmltdmnov28.net - DNS:testmltdmslupslnov27.com - DNS:testnov28.com - DNS:testslsslnov26.mobi - DNS:testyu6788.net https://crt.sh/?id=97019485: Validity: - Not Before: Feb 24 16:19:16 2017 GMT - Not After : Jul 18 07:58:51 2017 GMT X509v3 Subject Alternative Name: - DNS:testbetaslsslmay14.info - DNS:testbetaslsslmay14.me - DNS:testbetaslsslmay14.mobi - DNS:testnovemberssl.com - DNS:testslsslmay15.biz - DNS:testslsslmay15.co + DNS:testslsslmay15.com - DNS:testslsslmay15.info - DNS:testssl2may22.com - DNS:testsslonaug12.com https://crt.sh/?id=97260721: Validity: - Not Before: Feb 25 09:39:46 2017 GMT - Not After : Sep 26 06:39:49 2017 GMT X509v3 Subject Alternative Name: - DNS:mar28sitelocktesting.biz - DNS:waftestingforsni.info - DNS:sslonwafdomain.me - DNS:testbetaslsslmay14.co - DNS:testlpssl.com - DNS:testslsslfeb20.org - DNS:testslsslmay15.me https://crt.sh/?id=97257790: Validity: - Not Before: Feb 25 19:32:50 2017 GMT - Not After : Oct 3 13:53:31 2017 GMT X509v3 Subject Alternative Name: - DNS:slsslfeb17.com - DNS:sslonwafdomain.biz - DNS:sslonwafdomain.co - DNS:testdiyaguru20131002b.com - DNS:testdomainforwaf.mobi - DNS:testregrroct6.org - DNS:testslsslapr7.com - DNS:testslsslfeb17.co - DNS:testslsslfeb17.com - DNS:testslsslfeb17.org - DNS:testssllaunchmay23.info - DNS:testssllivemay23.org _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy