On Fri, 17 Aug 2018 at 18:22, Daymion Reynolds via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> Revoke Disclosure
>
> GoDaddy has been proactively performing self-audits. As part of this
> process, we identified a vulnerability in our code that would allow our
> validation controls to be bypassed. This bug would allow for a Random Value
> that was generated for intended use with Method 3.2.2.4.6 and 3.2.2.4.7 and
> was validated using Method 3.2.2.4.2 by persons who were not confirmed as
> the domain contact. This bug was introduced November 2014 and was leveraged
> to issue a total of 865 certificates. The bug was closed hours after
> identification, and in parallel we started the scope and revocation
> activities.
>
> In accordance with CA/B Forum BR, section 4.9.1.1, all mis-issued
> certificates were revoked within 24 hours of identification.
>
> A timeline of the Events for Revocation is as follows:
>
> 8/13 9:30am – Exploit issue surfaced as possible revocation event.
> 8/13 9:30-4pm – Issue scope identification (at this point it was unknown),
> gathering certificate list
> 8/13 4pm – Certificate list finalized for revoke total 825 certs, Revoke
> notification sent to cert owners.
>

I presume you mean domain owners?

Do we know if any of these certs were used? If so, how?


> 8/14 1:30pm – All certificates revoked.
>
> Further research identified 40 certificates which contained re-use of
> suspect validation information.
> 8/15 – 2pm – Additional certificates identified due to re-use.
> 8/15 – 2:30pm – Customers notified of pending revoke.
> 8/16 – 12:30pm – All certificates revoked.
>
> We stand ready to answer any questions or concerns.
> Daymion
>
> Certificate list which can be found in CRT.sh:
>
> _______________________________________________
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>
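One way to prevent the cross-method acceptance described in the disclosure, added here as an illustration and not GoDaddy's code: each Random Value is bound to the domain and the validation method it was generated for, and the email method additionally requires a confirmed domain contact. The `ChallengeStore` class, its method names and the sample domain are hypothetical.

```python
import secrets
from dataclasses import dataclass
from typing import Optional

# CA/B Forum BR validation methods named in the disclosure.
EMAIL_TO_CONTACT = "3.2.2.4.2"
WEBSITE_CHANGE = "3.2.2.4.6"
DNS_CHANGE = "3.2.2.4.7"


@dataclass(frozen=True)
class Challenge:
    domain: str
    method: str               # method the Random Value was generated for
    recipient: Optional[str]  # set only for EMAIL_TO_CONTACT


class ChallengeStore:
    """Hypothetical store binding each Random Value to its issuing context."""

    def __init__(self, confirmed_contacts):
        self._contacts = confirmed_contacts  # domain -> confirmed contact addresses
        self._issued = {}

    def issue(self, domain, method, recipient=None):
        if method == EMAIL_TO_CONTACT:
            if recipient not in self._contacts.get(domain, set()):
                raise PermissionError("recipient is not a confirmed domain contact")
        elif recipient is not None:
            raise ValueError("recipient only applies to the email method")
        value = secrets.token_urlsafe(32)
        self._issued[value] = Challenge(domain, method, recipient)
        return value

    def validate(self, value, domain, method, responder=None):
        """Bookkeeping check run after the value was observed via `method`."""
        ch = self._issued.get(value)
        if ch is None or ch.domain != domain:
            return False
        if ch.method != method:  # value generated for a different method
            return False
        if method == EMAIL_TO_CONTACT and responder != ch.recipient:
            return False
        del self._issued[value]  # single use
        return True


# Constructed sample data, not taken from the incident.
store = ChallengeStore({"example.test": {"admin@example.test"}})
```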