> On Aug 7, 2017, at 16:47, Jonathan Rudenberg via dev-security-policy <[email protected]> wrote:
>
> “IdenTrust ACES CA 2” has issued five certificates with an OCSP responder URL that has a HTTPS URI scheme. This is not valid, the OCSP responder URI is required to have the plaintext HTTP scheme according to Baseline Requirements section 7.1.2.2(c).
>
> Here’s the list of certificates: https://misissued.com/batch/4/

I also note that these certificates all have an organizationName of “U.S. Government”, but the rest of the subject details indicate organizations that are not components of the US Government.
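
A lint check for the rule cited in the quoted report, as an added example that is not part of either message: it walks the DER value of an Authority Information Access extension and returns any OCSP responder URI whose scheme is not `http`. The sample extension values and the `example.test` host names are constructed for illustration.

```python
from urllib.parse import urlsplit

OID_OCSP = bytes.fromhex("2b06010505073001")        # id-ad-ocsp, 1.3.6.1.5.5.7.48.1
OID_CA_ISSUERS = bytes.fromhex("2b06010505073002")  # id-ad-caIssuers, 1.3.6.1.5.5.7.48.2

def read_tlv(buf, pos):
    """Decode one DER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def ocsp_uris(aia_der):
    """List the URI of every id-ad-ocsp AccessDescription in an AIA value."""
    tag, body, _ = read_tlv(aia_der, 0)
    if tag != 0x30:
        raise ValueError("AIA value must be a SEQUENCE")
    uris, pos = [], 0
    while pos < len(body):
        tag, desc, pos = read_tlv(body, pos)
        if tag != 0x30:
            raise ValueError("AccessDescription must be a SEQUENCE")
        m_tag, method, nxt = read_tlv(desc, 0)
        l_tag, location, _ = read_tlv(desc, nxt)
        # 0x86 is context tag [6]: GeneralName uniformResourceIdentifier
        if m_tag == 0x06 and method == OID_OCSP and l_tag == 0x86:
            uris.append(location.decode("ascii"))
    return uris

def non_http_ocsp_uris(aia_der):
    """Return OCSP responder URIs whose scheme is anything other than http."""
    return [u for u in ocsp_uris(aia_der) if urlsplit(u).scheme.lower() != "http"]

def _tlv(tag, value):  # encoder for the constructed samples (short lengths only)
    return bytes([tag, len(value)]) + value

def _aia(ocsp_url):  # constructed AIA value: one OCSP entry, one caIssuers entry
    pairs = [(OID_OCSP, ocsp_url), (OID_CA_ISSUERS, "http://ca.example.test/ca.cer")]
    return _tlv(0x30, b"".join(_tlv(0x30, _tlv(0x06, o) + _tlv(0x86, u.encode()))
                               for o, u in pairs))

SAMPLE_HTTPS = _aia("https://ocsp.example.test/")  # the shape the report describes
SAMPLE_HTTP = _aia("http://ocsp.example.test/")    # the conforming shape
```

Only `id-ad-ocsp` entries are checked, so the `caIssuers` URI in the samples is ignored by the lint.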

