CA/Symantec Issues: Difference between revisions

Jump to navigation Jump to search

CA/Symantec Issues (view source)

Revision as of 14:53, 30 March 2017

226 bytes added ,  30 March 2017
More on UniCredit
(More edits)
(More on UniCredit)
Line 129: Line 129:
===Symantec Response===
===Symantec Response===


Several months after this problem was discovered by Mozilla, Symantec eventually ordered them to stop issuing, but they continued, in violation of that agreement. Symantec then finally revoked their intermediate.
Symantec's initial response was to get UniCredit to put in place controls to fix the violations found, and to review and replace any affected certificates. However, they continued to be without an audit. Symantec eventually asked them for one, and when they were unable to produce (presumably, pass) one, ordered them to stop issuing. However they continued, in violation of that agreement. Symantec then finally revoked their intermediate.


==Issue R: Insecure Issuance API (2013 or earlier - November 2016)==
==Issue R: Insecure Issuance API (2013 or earlier - November 2016)==
Gerv
Account confirmers, Anti-spam team, Confirmed users, Bureaucrats and Sysops emeriti
4,925

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1167101"

Navigation menu