Thank you Rob!If I am not mistaken, it seems to me that we have just 1 certificate in that list, and it's a non-trusted certificate (it was issued by a test CA).
Il 01/10/2018 15:43, Rob Stradling via dev-security-policy ha scritto:
On 01/10/2018 14:38, Adriano Santoni via dev-security-policy wrote:Is it possible to filter the list https://crt.sh/?cablint=issues based on the issuing CA ?Yes. First, visit this page: https://crt.sh/?cablint=1+weekNext, click on the link in the "Issuer CN, OU or O" column that corresponds to the issuing CA you're interested in.Il 01/10/2018 15:26, Doug Beattie via dev-security-policy ha scritto:Hi Wayne and all, I've been noticing an increasing number of CA errors,https://crt.sh/?cablint=issues Is anyone monitoring this list and askingfor misissuance reports for those that are not compliant? There are 15 different errors and around 300 individual errors (excluding the SHA-1 "false" errors). Some CAs are issuing certs to CNs of localhost, are including RFC822 SANs, not including OCSP links and many more. - Actalis, - Digicert, - Microsoft, - There are also some warning checks that should actually be errors like underscores in CNs or SANs. Doug
smime.p7s
Description: Firma crittografica S/MIME
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
