subject:"Certificate with invalid CN and dnsName issued by certSIGN"

Re: Certificate with invalid CN and dnsName issued by certSIGN

2017-08-02 Thread Jonathan Rudenberg via dev-security-policy


> On Aug 2, 2017, at 12:28, Jonathan Rudenberg via dev-security-policy 
>  wrote:
> 
> This certificate, issued on July 27 by certSIGN, has an invalid common name 
> of “todyro_2017” and an invalid SAN dnsName of “ tody.ro” (note the leading 
> space):
> 
> https://crt.sh/?q=93EACBC95AE53D57322CA9646DCF260AE240369714906CD464561402BF32CE96&opt=cablint

The above is not the first certificate issued by certSIGN with a leading space 
in a dnsName, which points to a failure in technical controls. Here is another 
one:

https://crt.sh/?q=91782A8F1182E239D49FABA796CFDF17AFC22A0D035838FD77FDD633FC72C416&opt=cablint

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Certificate with invalid CN and dnsName issued by certSIGN

2017-08-02 Thread Jonathan Rudenberg via dev-security-policy

This certificate, issued on July 27 by certSIGN, has an invalid common name of 
“todyro_2017” and an invalid SAN dnsName of “ tody.ro” (note the leading space):

https://crt.sh/?q=93EACBC95AE53D57322CA9646DCF260AE240369714906CD464561402BF32CE96&opt=cablint
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Certificate with invalid CN and dnsName issued by certSIGN

Certificate with invalid CN and dnsName issued by certSIGN

2 matches

Site Navigation

Mail list logo

Footer information