On Mon, Mar 23, 2020 at 12:53:43PM -0400, Ryan Sleevi wrote: > To make sure I understand the timeline correctly: > 2020-03-20 02:05:49 UTC - Matt reports SPKI 4310b6bc0841efd7fcec6ba0ed1f36 > e7a28bf9a707ae7f7771e2cd4b6f31b5af, associated with > https://crt.sh/?id=1760024320 , as compromised > 2020-03-21 01:56:31 UTC - DigiCert issues https://crt.sh/?id=2606438724 with > that same SPKI > 2020-03-21 02:09:12 UTC - DigiCert revokes https://crt.sh/?id=1760024320 > 2020-03-23 03:16:18 UTC - DigiCert revokes https://crt.sh/?id=2606438724 > > Is that roughly correct?
Yes, that appears to be a correct summary of the timeline as I see it. - Matt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy