Dear m.d.s.p, We wanted to follow-up to this thread and give an update.
We have decided to replace and revoke the certificates with 63 bit serial numbers, so far we have finished about 95% of the affected certificates. We are actively working with the remaining subscribers to replace their certificates as soon as possible without creating a service disruption. We have made the decision to work with subscribers to enable a smooth transition prior to revocation since the issue in question does not reflect a material security issue. We will share more information as we have it and will publish a complete post mortem once the associated response is complete. Ryan Hurst Product Manager Google Trust Services _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
