More dotdot-certificates: https://crt.sh/?id=34528113 for autodiscover.amphenolcanada..com Expired 2012 issued by Geotrust (aka symantec)
https://crt.sh/?id=3478078 for PDC-LIB-WEB1.RBI1.rbi..in Expired 2016 issued by Institute for Development and Research in Banking Technology https://crt.sh/?id=4112846 pkictslvws.dmdc.osd..mil expired 2016 issued by U.S. Government So all expired, but certainly at least the ones from 2016 are worrying, indicating that the issuing CAs are failing at domain validation. (Due to limitations in the search methodology - scraping crt.sh search results and looping through tlds - I only searched for ..tld. It would certainly be valuable to search further.) -- Hanno Böck https://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy