Bug 1548714 Comment 0 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

Original comment by
on 
A list of SECOM certificates containing a localityName of "Default City: was published at https://misissued.com/batch/51/ This is apparently the default placed in OpenSSL CSRs, indicating that this field was not validated. BR section 7.1.4.2.2(e) states: If present, the subject:localityName field MUST contain the Subject’s locality information as verified under Section 3.2.2.1. The EVGLs reference the BRs.

Please provide an incident report, as described at https://wiki.mozilla.org/CA/Responding_To_An_Incident#Incident_Report
Revision 1 by
on 
A list of SECOM certificates containing a localityName of "Default City" was published at https://misissued.com/batch/51/ This is apparently the default placed in OpenSSL CSRs, indicating that this field was not validated. BR section 7.1.4.2.2(e) states: If present, the subject:localityName field MUST contain the Subject’s locality information as verified under Section 3.2.2.1. The EVGLs reference the BRs.

Please provide an incident report, as described at https://wiki.mozilla.org/CA/Responding_To_An_Incident#Incident_Report

Back to Bug 1548714 Comment 0