On Thu, Dec 28, 2017 at 10:24 PM, Jakob Bohm via dev-security-policy <[email protected]> wrote: > After looking at some real certificates both in the browser and on crt.sh, I > have some followup questions on certificate serial numbers: > > 4. If the answers are yes, no, yes, why doesn't cablint flag > certificates with serial numbers of less than or equal to 64 bits as > non-compliant?
I can answer #4 -- your trusty cablint maintainer has fallen behind and hasn't added lints for recent ballots. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
