Re: Incapsula via GlobalSign issued[ing] a certificate for non-existing domain (testslsslfeb20.me)

Tue, 28 Feb 2017 08:46:53 -0800 

On Tuesday, February 28, 2017 at 6:00:47 PM UTC+2, Nick Lamb wrote:
> This is useful independent evidence that (at least some of) the names did 
> exist at one time.

The problem is that they're "re-keying" certificates for domains that are no 
longer in control of their subscribers (as Andrew Ayer brought up, they're 
allowed to do that). I reviewed 4 certificates, out of the 38 domains I 
checked, 1 is alive and using Incapsula+GlobalSign cert (testslsslmay15.com).

https://crt.sh/?id=96720534:
  Validity: 
    - Not Before: Feb 23 16:11:07 2017 GMT
    - Not After : Aug  1 10:08:40 2017 GMT
  X509v3 Subject Alternative Name:
    - DNS:test-ssldomnew.com
    - DNS:test02dec.com
    - DNS:testmacsldec2.net
    - DNS:testmacsldec2.org
    - DNS:testmltdmnov28.net
    - DNS:testmltdmslupslnov27.com
    - DNS:testnov28.com
    - DNS:testslsslnov26.mobi
    - DNS:testyu6788.net

https://crt.sh/?id=97019485:
  Validity:
    - Not Before: Feb 24 16:19:16 2017 GMT
    - Not After : Jul 18 07:58:51 2017 GMT
  X509v3 Subject Alternative Name:
    - DNS:testbetaslsslmay14.info
    - DNS:testbetaslsslmay14.me
    - DNS:testbetaslsslmay14.mobi
    - DNS:testnovemberssl.com
    - DNS:testslsslmay15.biz
    - DNS:testslsslmay15.co
    + DNS:testslsslmay15.com
    - DNS:testslsslmay15.info
    - DNS:testssl2may22.com
    - DNS:testsslonaug12.com

https://crt.sh/?id=97260721:
  Validity:
    - Not Before: Feb 25 09:39:46 2017 GMT
    - Not After : Sep 26 06:39:49 2017 GMT
  X509v3 Subject Alternative Name: 
    - DNS:mar28sitelocktesting.biz
    - DNS:waftestingforsni.info
    - DNS:sslonwafdomain.me
    - DNS:testbetaslsslmay14.co
    - DNS:testlpssl.com
    - DNS:testslsslfeb20.org
    - DNS:testslsslmay15.me

https://crt.sh/?id=97257790:
  Validity:
    - Not Before: Feb 25 19:32:50 2017 GMT
    - Not After : Oct  3 13:53:31 2017 GMT
  X509v3 Subject Alternative Name: 
    - DNS:slsslfeb17.com
    - DNS:sslonwafdomain.biz
    - DNS:sslonwafdomain.co
    - DNS:testdiyaguru20131002b.com
    - DNS:testdomainforwaf.mobi
    - DNS:testregrroct6.org
    - DNS:testslsslapr7.com
    - DNS:testslsslfeb17.co
    - DNS:testslsslfeb17.com
    - DNS:testslsslfeb17.org
    - DNS:testssllaunchmay23.info
    - DNS:testssllivemay23.org
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to