On 2017-06-08 at 04:31 -0700, richmoore44--- via dev-security-policy wrote: > This one is interesting since the domain name of the CRL resolves to an RFC > 1918 IP address. Surely that is a violation of the baseline requirements. > > https://crt.sh/?sha256=b82210cde9ddea0e14be29af647e4b32f96ed2a9ef1aa5baa9cc64b38b6c01ca > > Regards > > Rich.
Nope. The domain name of the CRL (www.cert.fnmt.es.testa.eu) is not resolving to an RFC 1918 IP address. It plainly doesn't resolve. 10.0.1.10 is the dns server used by crt.sh Rafa, can you take a look at this? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy