BlueCoat now has a CA signed by Symantec https://crt.sh/?id=19538258 Here's how to untrust it https://blog.filippo.io/untrusting-an-intermediate-ca-on-os-x …pic.twitter.com/mBD68nrVsD
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
to be fair, it's not rogue. It's just a shady *organizations*. But there's no proof of bad faith for that cert.
there are reporting requirements, right? afair symantec has to inform mozilla if they issue new subCAs. did they?
to which question did you answer? :-) yep, there are requirements or yep, they reported it?
I might have pushed Twitter brevity too far ;) yep they reported it
ok, so for now no policy violation. just another shady CA (we already have some of them).
And how is it not a policy violation to sign a subCA that's not bound by any of the policy you're bound by??
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.