subject:"Incident report \- ROCA fingerprints in certificates issued by Comodo CA \(was Re\: RSA key generation vulnerability in Infineon firmware\)"

Re: Incident report - ROCA fingerprints in certificates issued by Comodo CA (was Re: RSA key generation vulnerability in Infineon firmware)

2017-11-09 Thread Rob Stradling via dev-security-policy

On 09/11/17 13:09, Rob Stradling via dev-security-policy wrote: On 06/11/17 22:26, Rob Stradling via dev-security-policy wrote: On Monday 6th November, we scanned the certificates that we'd issued between 20th October and 5th November. 8 further server authentication certificates were found,

Re: Incident report - ROCA fingerprints in certificates issued by Comodo CA (was Re: RSA key generation vulnerability in Infineon firmware)

2017-11-09 Thread Rob Stradling via dev-security-policy

On 06/11/17 22:26, Rob Stradling via dev-security-policy wrote: On Monday 6th November, we scanned the certificates that we'd issued between 20th October and 5th November. 8 further server authentication certificates were found, all for subdomains of the same registered domain. We will get