Hi, all. https://crt.sh/?id=24937759962 private key is leaked, and subCA WoTrus RSA DV SSL CA 2 (https://crt.sh/?caid=427494) seems lack a quick way (posting by web form) to submit revocation request. So the report is posted to Sectigo.
In BR 4.9, there seems no explicit requirement for sub CA to support revocation request. Should we be more clear about this? (e.g. require all chain of trust CAs should process revocation request). -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/5084cfc0-e82b-4d15-b578-f829645aa59cn%40mozilla.org.
