If they need some help with large scale replacement, I know some people who did that recently 😊. Joking of course, but really - with Godaddy, Google, and Apple reporting a large number of certs that have what seems to be a minor compliance issue in light of the certs all being SHA2, does Mozilla want to require a complete revocation and replacement? Seems like a lot of effort and disruption for little value to the Mozilla community.
-----Original Message----- From: dev-security-policy <[email protected]> On Behalf Of okaphone.elektronika--- via dev-security-policy Sent: Friday, March 8, 2019 12:28 PM To: [email protected] Subject: Re: Pre-Incident Report - GoDaddy Serial Number Entropy On Friday, 8 March 2019 17:07:57 UTC+1, Wayne Thayer wrote: > I've created https://bugzilla.mozilla.org/show_bug.cgi?id=1533774 to > track this issue. > > Apple has also submitted the following bug for this issue listing a > large number of impacted certificates: > https://bugzilla.mozilla.org/show_bug.cgi?id=1533655 > > - Wayne Wow! Looks like there are going to be A LOT of certificates that MUST be revoked. Formally correct of course, but could it perhaps be a good idea to consider the possibility of handling this one somewhat different? ;-) CU Hans _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
