Re: Unrevoked/unexpired certificate with Debian Weak Key

2018-06-28 Thread Wayne Thayer via dev-security-policy
I searched through the list of certificates that Rob provided and didn't find any new issues (no valid certificates and none that had been issued since Jan 1, 2017 and not previously disclosed). I've requested an incident report from QuoVadis for the one new certificate that Hanno identified via

Re: Unrevoked/unexpired certificate with Debian Weak Key

2018-06-18 Thread Alex Gaynor via dev-security-policy
Sorry -- digging into that 500 was on my plate, but there was a logging bug on errors... and then some poor docs for the framework I'm using... and before you know it, the yak stack was piled high. I'll cycle around to that again this evening. Alex On Mon, Jun 18, 2018 at 9:53 AM Rob Stradling

Re: Unrevoked/unexpired certificate with Debian Weak Key

2018-06-18 Thread Rob Stradling via dev-security-policy
On 17/06/18 21:09, Daniel Cater via dev-security-policy wrote: On Monday, 14 May 2018 15:25:43 UTC+1, Rob Stradling I'm currently running the check against all of the certs on the crt.sh DB. I'll report back once this has completed. Hi Rob, Did your checks find anything else in the end?

Re: Unrevoked/unexpired certificate with Debian Weak Key

2018-06-17 Thread Daniel Cater via dev-security-policy
On Monday, 14 May 2018 15:25:43 UTC+1, Rob Stradling > I'm currently running the check against all of the certs on the crt.sh > DB. I'll report back once this has completed. Hi Rob, Did your checks find anything else in the end?

Re: Unrevoked/unexpired certificate with Debian Weak Key

2018-05-14 Thread Rob Stradling via dev-security-policy
On 14/05/18 11:39, Jakob Bohm via dev-security-policy wrote: On 14/05/2018 10:42, Hanno Böck wrote: Hi, Yesterday was the 10y anniversary of the Debian OpenSSL random number generator bug. A few days ago I did a re-check of the CT logs for vulnerable keys. I found one unexpired, unrevoked

Re: Unrevoked/unexpired certificate with Debian Weak Key

2018-05-14 Thread Jakob Bohm via dev-security-policy
On 14/05/2018 10:42, Hanno Böck wrote: Hi, Yesterday was the 10y anniversary of the Debian OpenSSL random number generator bug. A few days ago I did a re-check of the CT logs for vulnerable keys. I found one unexpired, unrevoked certificate issued by a CA called "QuoVadis". I reported it and

Unrevoked/unexpired certificate with Debian Weak Key

2018-05-14 Thread Hanno Böck via dev-security-policy
Hi, Yesterday was the 10y anniversary of the Debian OpenSSL random number generator bug. A few days ago I did a re-check of the CT logs for vulnerable keys. I found one unexpired, unrevoked certificate issued by a CA called "QuoVadis". I reported it and it's been revoked, they told me they'll