I just posted this incident report.  The summary is we had an issue where a
certain path allowed issuance of certs for example.com when only
www.example.com <http://www.example.com>  was verified. This incident
happened previously with Comodo here:
o/TK8L-lK0EwAJ. At that time we checked out code, but missed a path. 

Attachment: smime.p7s
Description: S/MIME cryptographic signature

dev-security-policy mailing list

Reply via email to