DigiCert Revocation Incident
Discussion
https://www.digicert.com/support/certificate-revoc...
Hang onto your hats, potential for some problems tonight..
Hang onto your hats, potential for some problems tonight..
How long are the random hostnames that digicert generate. Sounds unlikely to be much risk, just strict application of the standard.
Looks like they were supposed to revoke in 24hrs and are actually aiming for 120hrs, presumably to allow for customer notification, getting grief on CABF for it. I can imagine lots of big orgs wouldn’t be able to react in 24hrs, especially if they’d outsourced cert management.
Looks like they were supposed to revoke in 24hrs and are actually aiming for 120hrs, presumably to allow for customer notification, getting grief on CABF for it. I can imagine lots of big orgs wouldn’t be able to react in 24hrs, especially if they’d outsourced cert management.
wombleh said:
How long are the random hostnames that digicert generate. Sounds unlikely to be much risk, just strict application of the standard.
Looks like they were supposed to revoke in 24hrs and are actually aiming for 120hrs, presumably to allow for customer notification, getting grief on CABF for it. I can imagine lots of big orgs wouldn’t be able to react in 24hrs, especially if they’d outsourced cert management.
I can’t see any update to say it’s 120 hours?Looks like they were supposed to revoke in 24hrs and are actually aiming for 120hrs, presumably to allow for customer notification, getting grief on CABF for it. I can imagine lots of big orgs wouldn’t be able to react in 24hrs, especially if they’d outsourced cert management.
Was looking at the ticket on cabf bugzilla, few comments about when the renovation period starts:
https://bugzilla.mozilla.org/show_bug.cgi?id=19103...
https://bugzilla.mozilla.org/show_bug.cgi?id=19103...
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff