.ir/)?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/310999
Title:
comodo seen issuing certificates unwisely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug
suing certificates unwisely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
seen issuing certificates unwisely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/310999
Title:
comodo seen issuing certificates unwisely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/310999
Title:
comodo seen issuing certificates unwisely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
eived this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/310999
Title:
comodo seen issuing certificates unwisely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
out this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
unwisely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Title:
comodo seen issuing certificates unwisely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
ely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/310999
Title:
comodo seen issuing certificates unwisely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com
to present
to back up your allegation.
Regards
Robin Alden
Comodo
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/310999
Title:
comodo seen issuing certificates unwisely
To manage notifications ab
s, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/310999
Title:
comodo seen issuing certificates unwisely
To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/310999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Guys, lets take discussions to mozilla-dev-security-
pol...@lists.mozilla.org not here on the bug.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/310999
Title:
comodo seen issuing certificates unwise
I reiterate my objection to Mozilla allowing the included certification
authorities to outsource to third-party registration authorities.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/310999
Title:
Robin, so the official stance from Comodo and its CEO - at least per bug
642395 Comment 73 - is that Iranian government should be blamed for this
blunder? Well, in that case my last hopes that there still some tiny bit
of common sense left behind Comodo's operation just ended in smoke.
Meanwhile,
(In reply to comment #68)
> We do still have a subset of our sales partners who are able to act as RAs,
> but
> since this debacle over CertStar we have retrofitted our own DV process into
> the RA's ordering process in the vast majority of cases.
> By 'our own DV process', I mean that Comodo perf
Created attachment 521253
Comodo fraudulent certificates
Since proof is in the pudding - the above is being shipped via Windows
Update/WSUS at the moment.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs
(In reply to comment #90)
> No, I think the 9 certs are NOT publicly available.
They are. I don't think it's necessary to attach them here, but believe
me, they are publicly available.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
h
(In reply to comment #89)
>
> those 9 certs are now publicly available, so I see
> no reason to keep that bug private any longer.
No, I think the 9 certs are NOT publicly available.
In fact, the attacker might not have received the certs, according to Comodo's
blog.
So, for the time being, it m
(In reply to comment #79)
> The relevant Mozilla bug to that incident is bug 642395.
It's time to open it up... those 9 certs are now publicly available, so
I see no reason to keep that bug private any longer.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which i
Wow, and login.skype.com, login.yahoo.com, www.google.com and
mail.google.com - just excellent. OK, it's official - Comodo is now 4.5
times more lame than Verisign. :-P Their verification process must
completely rock, must be just another "glitch in our validation system"
- (C) Patricia, Certstar A
Gets even better - addons.mozilla.org was not enough, Comodo has been
also "creating trust online" by issuing fraudulent certificate for
login.live.com (Windows Live ID):
Microsoft Releases Security Advisory 2524375:
http://blogs.technet.com/b/msrc/archive/2011/03/23/microsoft-releases-security-a
(In reply to comment #85)
> Understandable, given that issuing certs is one of your company's businesses.
> :-) However, I have to go with The H Security:
The opinion of an editor isn't a decision factor I guess.
> Security by obscurity? :P Someone should unlock it promptly, gets
ridiculous.
Agr
(In reply to comment #84)
> Hey Doktor - the operation was successful - the patient died? This is
> actually
> not what we want. Don't kill the patient, root out the source of the problem.
> Or yank the root.
Understandable, given that issuing certs is one of your company's
businesses. :-) Howe
Hey Doktor - the operation was successful - the patient died? This is
actually not what we want. Don't kill the patient, root out the source
of the problem. Or yank the root. Or whatever...
As such why is bug 642395 restricted?
--
You received this bug notification because you are a member of U
(In reply to comment #81)
> in the mean time we face a tradeoff between greater availability (and
> therefore
> deeper penetration) of SSL and dodgy certs... I'm not sure what the best
> solution is (and am perhaps more concerned about government interference with
> CAs than technical issues).
Wh
I stand by my comment 72. A CA must not be allowed to outsource central
functions of the CA, including key signing, verification and server
administration. All entities who can, technically or organizationally,
perform these functions, must be included in the audits, being checked
physically. We MU
While I agree with your sentiment (and don't particularly like the way
this was handled – if the issuance issue was fixed then what's with the
secrecy?), I think the underlying problem is going to require a more
drastic solution than playing whack-a-mole with CAs. The TOR blog post
references a few
(In reply to comment #79)
> The relevant Mozilla bug to that incident is bug 642395.
Thanks for the pointer, but that bug is:
1/ Restricted (why still restricted, I have no idea, it's leaked all over the
web)
2/ Marked as RESOLVED FIXED.
While that particular *incident* might have been fixed, t
The relevant Mozilla bug to that incident is bug 642395.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/310999
Title:
comodo seen issuing certificates unwisely
--
ubuntu-bugs mailing list
ubuntu-bu
So, how much is too much?
https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion
http://blog.mozilla.com/security/2011/03/22/firefox-blocking-fraudulent-certificates/
This issue was reported to us by the *Comodo Group, Inc.*, the certificate
autho
I am seeing the "This connection is untrusted" warnings in Firefox
3.6.12 on Ubuntu 10.10 for sites with certificates from Comodo. The same
sites work fine in Firefox 3.6.x on Windows XP. Sites include:
https://contractor.lexisnexis.com/CS/welcome.do?justanswer
http://wingsguate.org/civicrm/contri
** Changed in: nss
Importance: Unknown => High
--
comodo seen issuing certificates unwisely
https://bugs.launchpad.net/bugs/310999
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.c
** Changed in: nss
Status: Confirmed => In Progress
--
comodo seen issuing certificates unwisely
https://bugs.launchpad.net/bugs/310999
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists
Alexander confirms that no action is required from our side any more.
** Changed in: nss (Ubuntu Jaunty)
Status: Triaged => Won't Fix
** Changed in: nss (Ubuntu Intrepid)
Status: Triaged => Won't Fix
** Changed in: nss (Ubuntu Hardy)
Status: Triaged => Won't Fix
** Changed
** Changed in: nss (Ubuntu Jaunty)
Assignee: (unassigned) => Alexander Sack (asac)
** Changed in: ca-certificates (Ubuntu Jaunty)
Assignee: (unassigned) => Alexander Sack (asac)
--
comodo seen issuing certificates unwisely
https://bugs.launchpad.net/bugs/310999
You received this bug no
Information on mozilla mailing lists indicates that Comodo has followed
up on the improperly issued certificates, and that revocations of the
affected certificates have been published in a crl: http://www.mail-
archive.com/dev-tech-cry...@lists.mozilla.org/msg05818.html
So I don't see that there's
On Fri, Jan 16, 2009 at 01:54:17AM -, Steve Langasek wrote:
> Still in a holding pattern here, not blocking alpha-3 on this. Do we
> think we can get a resolution for alpha-4?
>
> ** Changed in: ca-certificates (Ubuntu Jaunty)
>Target: jaunty-alpha-3 => jaunty-alpha-4
>
Upstream sti
Still in a holding pattern here, not blocking alpha-3 on this. Do we
think we can get a resolution for alpha-4?
** Changed in: ca-certificates (Ubuntu Jaunty)
Target: jaunty-alpha-3 => jaunty-alpha-4
--
comodo seen issuing certificates unwisely
https://bugs.launchpad.net/bugs/310999
You
On Tue, Jan 06, 2009 at 01:58:37PM -, Jamie Strandboge wrote:
> Regarding ca-certificates, while this problem is unfortunate, it is
> clear that simply removing the cert is not the answer because thousands
> of perfectly valid certificates would be marked invalid. If a subset of
> Comodo is to
Regarding ca-certificates, while this problem is unfortunate, it is
clear that simply removing the cert is not the answer because thousands
of perfectly valid certificates would be marked invalid. If a subset of
Comodo is to be invalidated, we need to consider Mozilla's rationale and
implementatio
we should decide on the blocking status for stable ubuntu releases, once
we decided what to do for jaunty.
** Changed in: ca-certificates (Ubuntu Dapper)
Importance: Undecided => High
Status: New => Triaged
** Changed in: ca-certificates (Ubuntu Gutsy)
Importance: Undecided => High
blocking next alpha so we get a decision soon.
** Changed in: ca-certificates (Ubuntu Jaunty)
Target: None => jaunty-alpha-4
** Changed in: ca-certificates (Ubuntu Jaunty)
Target: jaunty-alpha-4 => jaunty-alpha-3
--
comodo seen issuing certificates unwisely
https://bugs.launchpad.
i will defer decision for the ca-certificates package to the ubuntu
security team. If they make a decision i will also communicate their
rational to NSS upstream.
** Changed in: ca-certificates (Ubuntu)
Importance: Undecided => High
Status: New => Triaged
--
comodo seen issuing certifi
i will follow upstream decision on nss package.
** Changed in: nss (Ubuntu)
Importance: Undecided => High
Status: New => Triaged
--
comodo seen issuing certificates unwisely
https://bugs.launchpad.net/bugs/310999
You received this bug notification because you are a member of Ubuntu
Bug
On Fri, Jan 02, 2009 at 02:32:54PM -, Gabriel de Perthuis wrote:
> DIY way to quit trusting these certificates:
>
> sudo sed -ri '/comodo|utn|addtrust/Is/^!*/!/' /etc/ca-certificates.conf;
> sudo update-ca-certificates
>
nss doesnt use the ca-certificates package, but uses its own cert
store
DIY way to quit trusting these certificates:
sudo sed -ri '/comodo|utn|addtrust/Is/^!*/!/' /etc/ca-certificates.conf;
sudo update-ca-certificates
--
comodo seen issuing certificates unwisely
https://bugs.launchpad.net/bugs/310999
You received this bug notification because you are a member of Ubu
Ubuntu has the opportunity to exercise some editorial judgment here by
removing the cert regardless of the Mozilla project's decision. This
cert authority has clearly breached their duty to users to issue certs
only to verified parties. Since these certs are installed system-wide,
and are used by
** Changed in: nss
Status: Unknown => Confirmed
--
comodo seen issuing certificates unwisely
https://bugs.launchpad.net/bugs/310999
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubu
Well, I would like to defer to Mozilla's judgement here, as it comes
from their truststore. On the other hand we do not have the
possibility, to my knowledge, to add an intermediate CA to the package
with some negative trust value. So we would need to prune Comodo
completely.
As stated CertStar
** Summary changed:
- comodo seen issuing CAs unwisely
+ comodo seen issuing certificates unwisely
--
comodo seen issuing certificates unwisely
https://bugs.launchpad.net/bugs/310999
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
u
Even more:
http://groups.google.com/group/mozilla.dev.tech.crypto/browse_thread/thread/9c0cc829204487bf?pli=1
--
comodo seen issuing CAs unwisely
https://bugs.launchpad.net/bugs/310999
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
*** This bug is a security vulnerability ***
Public security bug reported:
http://blog.startcom.org/?p=145
Comodo, or one of its resellers, has been observed selling certificates
without serious domain control checks or other verification. There
should be some consideration for removing the imp
http://it.slashdot.org/article.pl?sid=08/12/23/0046258
Has some discussion on this topic.
--
comodo seen issuing CAs unwisely
https://bugs.launchpad.net/bugs/310999
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing
58 matches
Mail list logo
