CloudFlare has been issuing SHA-1 SSL Certificates from CloudFlare Inc
Compatibility CA-3 which is BR violation. See:
https://crt.sh/?CN=%25&iCAID=34007
Thank you
James Burton
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
It looks like "CloudFlare Inc Compatibility CA-3" chains back to the
"GTE CyberTrust Global Root" (see https://crt.sh/?caid=34007 )
The "GTE CyberTrust Global Root" is an old 1024 bit root that was
removed from NSS two years ago (see
https://bugzilla.mozilla.org/show_bug.cgi?id=1047011 ), and there
On Thu, Apr 13, 2017 at 9:33 AM, douglas.beattie--- via
dev-security-policy wrote:
> On Thursday, April 13, 2017 at 10:49:17 AM UTC-4, Gervase Markham wrote:
>> On 13/04/17 14:23, Doug Beattie wrote:
>> > There is no statement back to scope or corresponding audits. Were
>> > secure email capable
3 matches
Mail list logo