Thanks Rob! I went through the list and filed a bug for each CA if there wasn't one already open (with one exception that I'm still researching). All open OCSP issues are included in the list at https://wiki.mozilla.org/CA/Incident_Dashboard
Wayne

On Mon, Dec 11, 2017 at 10:49 PM, Rob Stradling via dev-security-policy <[email protected]> wrote:

>
> Some example reports:
>
> 1. CAs / Responder URLs that are in scope for, but violate, the BR
> prohibition on returning a signed "Good" response for a random serial
> number, and are also in scope for Mozilla's consideration:
> https://crt.sh/ocsp-responders?trustedExclude=constrained%2Cexpired%2Conecrl&trustedBy=Mozilla&trustedFor=Server+Authentication&randomserial=Good
>

_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy

