At there are currently 9 certificates, 1 from Startcom, 1 from Swisscomm and 7 from Symantec.

In the April 2017 CA communication, they all confirmed: "The current policy of our CA is that all revoked non-technically-constrained intermediate certificates chaining up to our root certificates included in Mozilla's CA Certificate Program will be marked as Revoked in the Common CA Database within one week of revocation."

The StartCom certificate is revoked on 2017-04-10, the SwissCom on 2017-04-26, and Symantec has two from 2016-10-26, and the others from 2017-05-05.

So all of them except those from 2017-05-05 should have been marked in the Common CA Database as revoked but haven't been marked as such.

dev-security-policy mailing list

Reply via email to