[SSL Observatory] did they generate impostor EV certs? (was: SSL CA compromise in the wild)

Hodges, Jeff jeff.hodges at paypal-inc.com
Thu Mar 24 15:19:21 PDT 2011

Previous message: [SSL Observatory] wrt HSTS (was: SSL CA compromise in the wild)
Next message: [SSL Observatory] did they generate impostor EV certs?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I note that the legit certs presented by <https://login.live.com/> and <https://addons.mozilla.org/> are regarded as EV certs by browsers -- are the impostor certs for those two domains also treated as EV? Has anyone tested this? 

thanks,

=JeffH

Previous message: [SSL Observatory] wrt HSTS (was: SSL CA compromise in the wild)
Next message: [SSL Observatory] did they generate impostor EV certs?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Observatory mailing list