DigiCert now China CCP Dog,PEM uploaded
Categories
(CA Program :: CA Security Vulnerability, task)
Tracking
(Not tracked)
People
(Reporter: yellowwhite, Unassigned)
Details
Attachments
(2 files)
User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Steps to reproduce:
I use a china vpn,and i am mitmed.
I view youtube.
I use latest user version firefox on Linux.
Actual results:
mitm use DIGICERT and domain is Facebook.
there is also a DIGICERT domain is *.internet.org.
Expected results:
it should not do that as a big CERT company,and must face consequences.
It should not be hide as hide donot solve mitm,publish it does.
you can email this account if you need it publish on CISA.
|
||
Comment 1•1 year ago
|
||
The certificate you've attached is for the issuing CA "DigiCert SHA2 High Assurance Server CA".
Can you share the supposed end-entity certificate for Facebook or others?
|
Reporter | |
Comment 2•1 year ago
|
||
|
|
Reporter | |
Comment 3•1 year ago
|
||
Yes.
|
||
Comment 4•1 year ago
|
||
The certificate presented appears to be valid for Facebook. It is logged in CT and details can be reviewed here - https://crt.sh/?sha256=A15C58773AC8364F32D7D5CC69AD62C842787202680ED654F391EA5927A02D64. Internet.org appears to be a domain registered by Meta Platforms, Inc. (Meta/Facebook), and internet.org redirects to meta.com with apparently another valid TLS certificate. https://crt.sh/?sha256=B3A10164D39AA878D40D3FFC5F4B1245E619DFB29D46BB5DB5A8528A7C461E34
So, I am closing this bug as invalid. I'll reopen it if the reporter can provide any additional evidence of certificate mis-issuance or CA compromise.
Description
•