> On Jun 21, 2017, at 14:41, urijah--- via dev-security-policy > <[email protected]> wrote: > > Apparently, in at least one case, the certificate was issued directly(!) to > localhost by Symantec. > > https://news.ycombinator.com/item?id=14598262 > > subject=/C=US/ST=Florida/L=Melbourne/O=AuthenTec/OU=Terms of use at > www.verisign.com/rpa (c)05/CN=localhost > issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at > https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 > reply > > Is this a known incident?
Here is the (since expired) certificate: https://crt.sh/?q=07C4AD287B850CAA3DD89656937DB1217067407AA8504A10382A8AD3838D153F _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
