[cabfpub] Incident report: Internal names in certs expiring after 1st November 2015

Rob Stradling rob.stradling at comodo.com
Thu Nov 12 04:16:40 MST 2015


On 11/11/15 20:52, Rob Stradling wrote:
<snip>
>     - A few of the "Name Value"s in this report are probably not useable
> for addressing servers in a private network, but we've included them
> because they're not valid Internet domain names or Internet IP addresses
> either.

Jürgen pointed out to me that ending a domain name with a dot is valid 
DNS syntax, so we should not have classified "efr.zih.tu-dresden.de." 
[1] as non-compliant.  (Thanks Jürgen!)

So I've just removed that certificate [1] and one other certificate [2] 
from the spreadsheet.

If anyone else spots any errors in our report, we would be glad to 
correct them.


[1] https://crt.sh/?id=6917694

[2] https://crt.sh/?q=10632912

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online



More information about the Public mailing list