> On Aug 16, 2017, at 13:44, Jonathan Rudenberg via dev-security-policy > <[email protected]> wrote: > > After looking into this more, I’ve found that the majority of certificates > issued by the "IdenTrust ACES CA 2” and "IdenTrust ACES CA 1” intermediates > are not BR-compliant.
If anyone is interested in looking through the expired/revoked certificates issued by these intermediates, these two links will show all of the certificates that are known to CT: https://crt.sh/?Identity=%25&iCAID=718 https://crt.sh/?Identity=%25&iCAID=5738 After clicking on a certificate ID, you can click the “Run cablint” link on the left to see the cablint output. Jonathan _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
