Okay - they are all logged to both Google's CT log and DigiCert's CT log. I can also send the PEM files shortly.
-----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+jeremy.rowley=digicert.com@lists.mozilla .org] On Behalf Of Gervase Markham via dev-security-policy Sent: Tuesday, April 18, 2017 10:59 AM To: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: Certificate issues On 18/04/17 17:22, Ryan Sleevi wrote: > On Tue, Apr 18, 2017 at 12:09 PM, Jeremy Rowley via > dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: >> code signing certificates into a pseudo- SSL profile. Because they >> were intended to be code signing certificates, the certificates >> issued off a code-signing intermediate (with code-signing as the sole EKU). If this is true, I am not particularly concerned. So as Ryan notes, a demonstration of this fact would satisfy me that this was not a serious incident. Thank you for reporting it so promptly. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy