Consider requiring CT information for StartCom operated CAs
Reported by
robst...@gmail.com,
Jul 7 2016
|
|||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Steps to reproduce the problem: https://www.startssl.com/NewsDetails?date=20160323 "StartCom have updated the PKI system to guarantee all issued SSL certificates MUST post to CT log server and embed the SCT data in the SSL certificate. If the browsers or any party have found any SSL certificates don’t include SCT data in the SSL certificate, browsers can distrust this SSL certificate and report to us as an incident" What is the expected behavior? StartCom seem to be volunteering to have their roots added to the "require CT" list that Issue #620178 created. What went wrong? StartCom's roots aren't currently in the "require CT" list. Did this work before? N/A Chrome version: 51.0.2704.106 Channel: stable OS Version: 10.0 Flash Version: Shockwave Flash 22.0 r0 I'll ask Eddy Nigg from StartCom to comment.
,
Jul 11 2016
,
May 12 2017
|
|||
►
Sign in to add a comment |
|||
Comment 1 by rsleevi@chromium.org
, Jul 7 2016Labels: -Type-Bug -Via-Wizard -Arch-x86_64 OS-All Type-Feature