Hi all, Rob posted a list containing D-Trust certificates showing a ROCA fingerprint today at https://misissued.com/batch/28/
We are treating this as an incident although all the mentioned D-Trust related certificates are Qualified CAs governed by national German law and therefore are not related to WebPKI, i.e. are not chaining up to roots trusted by NSS. An incident report will by provided by noon Thursday, 2017/10/19 German time. No WebPKI related systems within D-Trust are affected by the weak RSA key generation issue as announced this week. Regards, Kim Nguyen (D-Trust) _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
