Both sets had been publicly disclosed through affirmative publishing in the repositories of the respective CAs--that's probably how your crawler found them, because I don't believe they are issuing SSL/TLS certificates. I thought I had disclosed the ones chaining to the DigiCert Orion Health intermediate a while ago (when I first populated the CCADB with our certificates), but apparently I missed those. The Belgian ones were posted just recently, I believe, because I do try to keep the CCADB up to date.
-----Original Message----- From: dev-security-policy [mailto:[email protected]] On Behalf Of Rob Stradling via dev-security-policy Sent: Thursday, May 11, 2017 5:47 AM To: Kurt Roeckx <[email protected]>; [email protected] Subject: Re: Hunting for intermediates that still haven't been disclosed to CCADB On 11/05/17 12:28, Kurt Roeckx via dev-security-policy wrote: > On 2017-05-11 13:07, Rob Stradling wrote: >> It would seem that DigiCert noticed these 19 intermediates appear on >> https://crt.sh/mozilla-disclosures#undisclosed whilst I was asleep, >> because they've all now been disclosed to the CCADB. >> >> They should've been disclosed some time ago, however. > > Does the CCADB keep track of when something was disclosed? A history? There's a "Created by" field (Username, Timestamp) and a "Last Modified By" field (Username, Timestamp) in the CCADB, but neither of these fields are currently provided in the public CSV reports that Mozilla publishes. -- Rob Stradling Senior Research & Development Scientist COMODO - Creating Trust Online _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
