Two intermediate certs for "Atos TrustedRoot CodeSigning-CA 2011" with the same Issuer and Serial Number: https://crt.sh/?id=49643406 https://crt.sh/?id=18068233 Two intermediate certs for "Atos TrustedRoot Server-CA 2011" with the same Issuer and Serial Number: https://crt.sh/?id=705899 https://crt.sh/?id=18068212
Martin, I realize that these certs have been revoked, and they were created before the first BR Effective Date of 01-Jul-2012. Please add a comment to this bug to indicate what mechanisms Atos has put in place to ensure that certs cannot be issued with duplicate serial numbers. Thanks, Kathleen
This issue was already discussed during our Root Inclusion request: https://groups.google.com/forum/#!searchin/mozilla.dev.security.policy/atos%7Csort:relevance/mozilla.dev.security.policy/zEfkTiu_Uqk/SkN1oUSykGcJ
Thank you for the reminder. This was previously resolved: https://groups.google.com/d/msg/mozilla.dev.security.policy/zEfkTiu_Uqk/q1fhlyo1bm0J So I will resolve this bug as a duplicate of Bug #711366 which was the trigger for that discussion.