On Wed, Jul 1, 2020 at 5:05 PM Ryan Sleevi <r...@sleevi.com> wrote: > While I'll be looking to create Compliance Incidents for the affected CAs, >
This is now done, I believe. However, as mentioned, just because a compliance bug was not filed does not mean that a CA may not be affected; it may just be that CT does not know of the cert and the CA did not disclose it via CCADB. I only filed incidents for CAs where the issuer is not already revoked via OneCRL. https://bugzilla.mozilla.org/show_bug.cgi?id=1649961 - Actalis https://bugzilla.mozilla.org/show_bug.cgi?id=1649963 - ATOS https://bugzilla.mozilla.org/show_bug.cgi?id=1649944 - Camerfirma https://bugzilla.mozilla.org/show_bug.cgi?id=1649951 - DigiCert https://bugzilla.mozilla.org/show_bug.cgi?id=1649943 - Firmaprofesional https://bugzilla.mozilla.org/show_bug.cgi?id=1649937 - GlobalSign https://bugzilla.mozilla.org/show_bug.cgi?id=1649945 - HARICA https://bugzilla.mozilla.org/show_bug.cgi?id=1649947 - Microsec https://bugzilla.mozilla.org/show_bug.cgi?id=1649938 - QuoVadis https://bugzilla.mozilla.org/show_bug.cgi?id=1649964 - PKIoverheid https://bugzilla.mozilla.org/show_bug.cgi?id=1649962 - SECOM https://bugzilla.mozilla.org/show_bug.cgi?id=1649942 - SK ID https://bugzilla.mozilla.org/show_bug.cgi?id=1649941 - T-Systems https://bugzilla.mozilla.org/show_bug.cgi?id=1649939 - WISeKey _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy