> On Jul 17, 2017, at 15:27, Nick Lamb via dev-security-policy > <dev-security-policy@lists.mozilla.org> wrote: > > On Monday, 17 July 2017 16:22:22 UTC+1, Ben Wilson wrote: >> Thank you for bringing this to our attention. We have contacted Intesa >> Sanpaolo regarding this error and have asked them to correct it as soon as >> possible. > > "Correcting" the error is surely the smaller of the two tasks ahead. > > This CA is trusted in the Web PKI, and should have technical controls in > place to ensure that subject details in any certificates issued are > appropriately validated. > > There cannot possibly have been appropriate validation of this name, because > it cannot exist in the Internet DNS.
I just did a quick check, and this is actually the second certificate issued with this error, here is the first one: https://crt.sh/?q=A8F200048358EBC31F77D90D30BF640B7E9D39D2BFCCA93C08517BCACC1CC2CA&opt=cablint,x509lint _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy