Test Certificates from Verizon

[Jeremy Rowley]

Based on the Symantec disclosure, we ran a test on our own certs (including
cross-signed partners) and found the following certificates that were issued
contrary to the Baseline Requirements. All of these certificates were issued
by Verizon's subordinate certificate. We've requested that the issuer
revoked each of these. So far, two have been revoked. Let me know what
questions you have.







Jeremy

[Kathleen Wilson]

I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1335132 for this.

Jeremy, please attach the data to that bug.

Thanks,
Kathleen

[Kathleen Wilson]

It turns out that I had a copy of the original post in my inbox, with the image intact. So I've attached it to the bug.

Direct link:
https://bugzilla.mozilla.org/attachment.cgi?id=8831833

Kathleen

[Jeremy Rowley]

I'm attaching a spreadsheet to the bug so it's easier to read.

-----Original Message-----
From: dev-security-policy
[mailto:dev-security-policy-bounces+jeremy.rowley=digice...@lists.mozilla
.org] On Behalf Of Kathleen Wilson
Sent: Monday, January 30, 2017 3:18 PM
To: mozilla-dev-s...@lists.mozilla.org
Subject: Re: Test Certificates from Verizon

On Monday, January 30, 2017 at 11:27:39 AM UTC-8, Kathleen Wilson wrote:

It turns out that I had a copy of the original post in my inbox, with the
image intact. So I've attached it to the bug.

Direct link:
https://bugzilla.mozilla.org/attachment.cgi?id=8831833

Kathleen

_______________________________________________
dev-security-policy mailing list
dev-secur...@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy