Hello,

My first post here.

I just noticed StartCom have issued a couple of obviously fake certificates today:

https://crt.sh/?id=146437565
Subject:
    commonName                = ov
    organizationName          = test
    localityName              = Beijing
    stateOrProvinceName       = Beijing
    countryName               = Beijing
    serialNumber              = 123456
X509v3 Subject Alternative Name: 
    DNS:www.test.cn

https://crt.sh/?id=146484676
Subject:
    commonName                = iv
    givenName                 = Jeremy
    surname                   = Liao
    localityName              = Beijing
    stateOrProvinceName       = Beijing
    countryName               = CN
X509v3 Subject Alternative Name: 
    DNS:www.test.cn

https://crt.sh/?id=146517428
Subject:
    commonName                = ov
    organizationName          = test
    localityName              = Beijing
    stateOrProvinceName       = Beijing
    countryName               = Beijing
    serialNumber              = 123456
X509v3 Subject Alternative Name: 
    DNS:www.test.cn

I am well aware these certificates will not be accepted in Firefox/NSS, but 
because their root certificate is still in the NSS trust store, there 
might be some interest in the community regarding the obvious policy violation.

Regards,
Patryk Szczygłowski
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
