Dear Hanno, Many thanks for the report.
This has now been fixed for Multicert and an incident report was filed at Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1637093 Best regards, NP segunda-feira, 11 de Maio de 2020 às 17:09:08 UTC+1, Hanno Böck escreveu: > Hi, > > As I mentioned in my previous mail I found some instances of CAs > pointing to PEM encoded certificates in their AIA fields, while they > should be DER encoded. > > I found such instances for 4 CAs, I'll list them with one example cert > and the URL of the referenced intermediate. > > Entrust/Affirmtrust: > https://crt.sh/?id=2747041731 > http://aia.affirmtrust.com/aftov1ca.crt > > Telia: > https://crt.sh/?id=2793617446 > http://repository.trust.teliasonera.com/teliasoneraservercav2.cer > > Multicert: > https://crt.sh/?id=2369674005 > http://pki.multicert.com/cert/SSL_CA01.cer > > TWCA: > https://crt.sh/?id=1238438742 > http://sslserver.twca.com.tw/cacert/secure_sha2_2014.crt > > I have informed all 4 CAs via their problem reporting mechanism from > CCADB. > > -- > Hanno Böck > https://hboeck.de/ _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
