I don't know whether it was noticed or if it matters to anyone, but I did note 
that for at least one of these certificates, particularly the one at 
https://crt.sh/?id=92235996 , that the sole SAN dnsName for the certificate is 

The cert also had a whopping 24 hours of validity.

I am positing that this certificate, at least, was administratively created by 
Identrust in order to provide a certificate test point of the expired 
certificate type, as many root programs require for inclusion, etc.

While I imagine that this is not necessarily relevant to whether there's a BR 
issue, it may at least inform how the certificate came about, if that is of 
dev-security-policy mailing list

Reply via email to