Re: DigiCert validation issue

2019-06-05 Thread Julien Cristau via dev-security-policy
For those following along at home the incident report with details is in bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1556948 Cheers, Julien On Wed, Jun 5, 2019 at 8:17 AM Jeremy Rowley via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > I just posted this

DigiCert validation issue

2019-06-05 Thread Jeremy Rowley via dev-security-policy
I just posted this incident report. The summary is we had an issue where a certain path allowed issuance of certs for example.com when only www.example.com was verified. This incident happened previously with Comodo here:

Apple: Non-compliant Common Name Length

2019-06-05 Thread Apple CA via dev-security-policy
On June 4, Apple submitted an incident report: https://bugzilla.mozilla.org/show_bug.cgi?id=1556906, which is reposted below. ___ Incident Report 1. How your CA first became aware of the problem (e.g. via a

RE: DigiCert validation issue

2019-06-05 Thread Jeremy Rowley via dev-security-policy
Here's the link: https://bugzilla.mozilla.org/show_bug.cgi?id=1556948 -Original Message- From: dev-security-policy On Behalf Of Jeremy Rowley via dev-security-policy Sent: Wednesday, June 5, 2019 12:17 AM To: mozilla-dev-security-pol...@lists.mozilla.org Subject: DigiCert validation