Equifax: Still valid 1024 certificates

RESOLVED FIXED

Status

RESOLVED FIXED
4 years ago
2 years ago

People

(Reporter: kurt, Assigned: rick_andrews)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: BR Compliance - 1024 bit certs)

(Reporter)

Description

4 years ago
I'm have a list of about 12000 certificates that are still valid, haven't been revoked and have a 1024 bit key.  Over 1000 of those are still being used.

They're all issued by:
C=US, O=Equifax, OU=Equifax Secure Certificate Authority
(Reporter)

Updated

4 years ago
Blocks: 1029147

Updated

4 years ago
Assignee: kwilson → rick_andrews
Whiteboard: BR Compliance - 1024 bit certs
Rick: any news here?

Gerv

Comment 2

4 years ago
Equifax is an 1024-bit root anyway, so it is best to deal with this by removing the root, which there is already a bug on.

Comment 3

4 years ago
Kurt, Would you please attach the current list of such sites to Bug #986019
Then I think we can close this bug as a duplicate of Bug #986019. Do you agree?

Comment 4

4 years ago
A list of all site that uses the Equifax root where the certificate is still valid would be better.

Comment 5

3 years ago
Closing this bug because the Websites and Code Signing trust bits were turned off for this 'Equifax Secure CA' root cert in Firefox 44.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED

Updated

2 years ago
Product: mozilla.org → NSS
You need to log in before you can comment on or make changes to this bug.