On Tuesday, August 16, 2016 at 11:53:24 AM UTC-7, Kathleen Wilson wrote:
> Our understanding: "The real problem here is that the issuing
> certificate is using sha-1 with predictable serial numbers. ... If a
> chosen-prefix attack on sha-1 were discovered... an attacker could use
> this CA to
All,
As you know, the CA Community in Salesforce (aka Common CA Database)
automatically sends audit reminder emails to CAs in Mozilla’s root store
with overdue audit statements on the 3rd Tuesday of each month.
As requested, here is a summary of the audit-reminder emails that were
sent
All,
It has come to our attention that Hongkong Post has recently issued a
SHA1 cert that can be used in TLS/SSL.
https://bugzilla.mozilla.org/show_bug.cgi?id=1267332#c3
The certificate was signed by the "Hongkong Post e-Cert CA 1 - 10"
intermediate certificate.
From the CA: "This
Hello again Rob,
"ISRG Root X1" is listed as "Unconstrained id-kp-serverAuth Trust: Disclosure
is required!"
I believe this root is now (or shortly will be) trusted directly by NSS, and so
isn't an intermediate and shouldn't appear on the list.
Before it was added to NSS, it simply wasn't
4 matches
Mail list logo