Dear Wayne,
The previous email has some typos, corrected as follows.
1. When I was back to my office after the travlelling from England and disussed
with my colleauges, I mailed the situation and the plan to Wayne and Kathleen
on June 15.
====> When I was back to my office after the travleling from England and
discussed with my colleagues, I mailed the situation and the plan to Wayne and
Kathleen on June 15.
2. After our customer installed a new certificate
(https://crt.sh/?id=519100183) in their web servers, network equipments and
firewall, The certificate of https://crt.sh/?id=508868868 was revoked on June
21.
====>
After our customer installed a new certificate (https://crt.sh/?id=519100183)
in their web servers, network equipment and firewall, The certificate of
https://crt.sh/?id=508868868 was revoked on June 21.
Sincerely Yours,
Li-Chun
lcchen...@gmail.com於 2018年7月7日星期六 UTC+8下午11時39分17秒寫道:
> Dear Wayne,
>
> Our two customers requested to use original CSR to issue two shorter
> validity SSL certificates. By the re-issuance function of a program, to
> insert original applications data, our SSL RA Officers checked the addresses
> but they forgot to add L in Subject DN. So there are two SSL Certificates as
> below lack of L or S in Subject DN.
>
> 1.Serial Number:20BD5F0B51809E44C0718AB133CA5E78 CN=*.sercomm.com,
> O=中磊電子股份有限公司, C=TW or https://crt.sh/?id=508868868
>
> 2.Serial Number:3CE33A6D8899A211FB2D296D9E0B69CB CN=app3.uupon.tw,
> O=點鑽整合行銷股份有限公司, C=TW or https://crt.sh/?id=512788172
>
> Our researchers of Telecommunication Laboratories of Chunghwa Telecom
> found above issue on June 11 and told our SSL RA Officers to contact the
> customers. When I was back to my office after the travlelling from England
> and disussed with my colleauges, I mailed the situation and the plan to Wayne
> and Kathleen on June 15.
>
> This certificate of https://crt.sh/?id=512788172 was revoked on June 11
> soon.
>
> We have re-issued new certificates for two customers as below:
>
> 42664EEA106F2CBF736ADBF949D4218F CN=*.sercomm.com, O=中磊電子股份有限公司, L=臺北市, C=TW
> or https://crt.sh/?id=519100183
>
> 100079C87402938109A5FEC040C5BE0F CN=app3.uupon.tw, O=點鑽整合行銷股份有限公司, L=臺北市,
> C=TW or https://crt.sh/?id=549539943
>
> After our customer installed a new certificate
> (https://crt.sh/?id=519100183) in their web servers, network equipments and
> firewall, The certificate of https://crt.sh/?id=508868868 was revoked on June
> 21,.
>
> The checking function of Subject DN about either L or S are online June
> 22. I mailed to Wayne and Kathleen on June 22.
>
> We confirm that the problem has been solved and will not happen in the
> future.
>
> As we have discussed in CABF, Taiwan is a small country without
> state/provinces. We follow X.500, X.520 and Taiwan’s government’s DIT for the
> certificates. We can unique identify the subject without state/provinces and
> locality in DN for a central government agency or a company. (For example, In
> Taiwan's Company Act,
> https://law.moj.gov.tw/Eng/LawClass/LawAll.aspx?PCode=J0080001, Article 18
> No company may use a corporate name which is identical with that of another
> company. ). We really receive some subscribers of central government agency
> or a company asked why your CA adds L in the subject DN of an SSL
> certificate. We explain that we follow the BR about either L or S should be
> in Subject DN now.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
