On 03/04/17 13:11, Gervase Markham wrote: > Hi Steve and Rick, Q9) Can you please tell us which audit covers the following two intermediate CAs, which are subordinates of or cross-certified by VeriSign Universal Root Certification Authority?
VeriSign Class 3 SSP Intermediate CA - G2 (https://crt.sh/?Identity=%25&iCAID=1384&exclude=expired) Symantec Class 3 SSP Intermediate CA - G3 (https://crt.sh/?Identity=%25&iCAID=12352&exclude=expired) The following period-of-time audit is the most recent one which covers the VeriSign Universal Root Certification Authority: https://www.symantec.com/content/en/us/about/media/repository/18_Symantec_STN_WTCA_period_end_11-30-2016.pdf However, these certificates are not on the accompanying list of intermediates. Is it correct that these intermediates are unconstrained and fully capable of issuing server authentication (SSL/TLS) certificates which are trusted by Mozilla browsers? Thanks, Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy