No, not yet.  We're currently in negotiations/discussions with them.  

Here is a snippet from a communication from them:

Concerning the CA revocation, first of all, I want to underline that for us
it would be a major issue: we don't have enough time and resources to
replace all the certificates before the end of the year and the revocation
of the CA will cause us several critical operating problems with our
infrastructural services.

Moreover, I would like to inform you that in order to rationalize our
infrastructure and create new synergy between our suppliers, we've planned
to move our certificates to an Italian CA outsourcer. We have already
started this activity and our intent is to complete the migration before the
end of the year, to respect the contract we have settled, with deadline
December, 31st 2017.

Therefore I have to kindly recommend you not to revoke the CA, before the
end of the contract, because it will cause several problems to the Bank and
to our users (customers and colleagues).

Sincerely yours,


-----Original Message-----
From: Gervase Markham []
Sent: Tuesday, August 15, 2017 6:44 AM
To: Ben Wilson <>;
Subject: Re: Certificate with invalid dnsName issued from Baltimore 

Hi Ben,

On 03/08/17 14:32, Ben Wilson wrote:
> That would be fine.  Also, we have given Intesa Sanpaolo a scheduled
> revocation date of 15 August 2017, and I'm waiting to hear back.

That's today; is it still the plan to revoke their intermediate?


Attachment: smime.p7s
Description: S/MIME cryptographic signature

dev-security-policy mailing list

Reply via email to