CA/e-commerce-monitoring Issues: Difference between revisions

m
m (Added draft back in)
Line 12: Line 12:
https://bugzilla.mozilla.org/show_bug.cgi?id=1830536
https://bugzilla.mozilla.org/show_bug.cgi?id=1830536


Related to Bug # 1815534, it was also discovered that in an attempt to obtain a sufficient number of SCTs, ECM’s CT component submitted two pre-certificates for a single final certificate (all with the same serial number).  These two incidents exposed a lack of internal verification processes and automated checks for changes to CT log servers. ECM committed to providing better “lessons learned” and enhanced transparency to the community.
Related to Bug # 1815534, it was also discovered that in an attempt to obtain a sufficient number of SCTs, ECM’s CT component submitted two pre-certificates for a single final certificate (all with the same serial number).  These two incidents exposed a lack of internal verification processes and automated checks for changes to CT log servers. ECM noted that "certificate transparency has brought a new dimension as described in the present report – the fact that also an assumed-to-exist-certificate is in scope by virtue of Mozilla Root Store Policy 5.4. This had not been properly taken into account in our interpretation and measures, respectively." https://bugzilla.mozilla.org/show_bug.cgi?id=1830536#c1


'''Issues:'''  Certificate Misissuance; Incident Reporting
'''Issues:'''  Certificate Misissuance; Incident Reporting
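Review bot: the rewritten last sentence of the "Related to Bug # 1815534" paragraph replaces "ECM committed to providing better 'lessons learned' and enhanced transparency to the community" with ECM's quoted explanation, so the entry no longer records any follow-up commitment. If that commitment still stands, keep it as a separate sentence after the quotation so the paragraph covers the finding, ECM's stated cause, and the remediation. The comment link (#c1) is appended as a bare URL directly after the closing quotation mark, while the same bug is already linked above the paragraph; marking it explicitly as the source of the quotation (for example "comment 1 of Bug 1830536") would make clear which statement it supports.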