Hello, as we are in the "list of shame" and as a way to ensure we are following these discussions, I'd like to say that the OISTE CA that is referenced here (it's an old intermediate CA expiring in December 2020, and its CRL contains some unspecified revocations for Issuing CAs from 2015 and older) is under a root for which we already requested to remove the TLS trust bit to the different CA programs (e.g. https://bugzilla.mozilla.org/show_bug.cgi?id=1653092), so now is out of the scope of BR. Best, Pedro
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy