[cabfpub] Incident report: Internal names in certs expiring after 1st November 2015
Rob Stradling
rob.stradling at comodo.com
Thu Nov 12 11:16:40 UTC 2015
On 11/11/15 20:52, Rob Stradling wrote:
<snip>
> - A few of the "Name Value"s in this report are probably not useable
> for addressing servers in a private network, but we've included them
> because they're not valid Internet domain names or Internet IP addresses
> either.
Jürgen pointed out to me that ending a domain name with a dot is valid
DNS syntax, so we should not have classified "efr.zih.tu-dresden.de."
[1] as non-compliant. (Thanks Jürgen!)
So I've just removed that certificate [1] and one other certificate [2]
from the spreadsheet.
If anyone else spots any errors in our report, we would be glad to
correct them.
[1] https://crt.sh/?id=6917694
[2] https://crt.sh/?q=10632912
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public
mailing list