@martinsuchan @sleevi_ @pzb martin-majority of those in your link were issued from roots that were pulled from trust (per request of the CA)
-
-
Replying to @prdonahue
@prdonahue@martinsuchan@pzb I honestly hope you don't believe that is an excuse or acceptable behaviour.1 reply 0 retweets 1 like -
Replying to @sleevi_
@prdonahue@martinsuchan@pzb 1) The CA is clearly going beyond SHA-1 in violating the BRs. The scope of how far they'll go is unknown.4 replies 0 retweets 0 likes -
Replying to @sleevi_
@prdonahue@martinsuchan@pzb 2) Two browsers that have tried to remove these roots so far have failed due to the CAs' profilgate issues1 reply 0 retweets 1 like -
Replying to @sleevi_
@prdonahue@martinsuchan@pzb 3) TSymantec said JUST LAST MONTH they were only going to violate BRs on SHA-12 replies 0 retweets 1 like -
Replying to @sleevi_
@sleevi_@martinsuchan@pzb please don't put me in the camp of supporting symantec's BR violations. i will not/have never defended those.1 reply 0 retweets 0 likes -
Replying to @prdonahue
@prdonahue@martinsuchan@pzb Then don't argue they were pulled from trust in response to misissuance, when they weren't and aren't.2 replies 0 retweets 1 like -
Replying to @sleevi_
@sleevi_@martinsuchan@pzb think you misunderstood my chime in. was /strictly/ commenting on the CN=*cloudflaressl w/not before> 2015-12-311 reply 0 retweets 0 likes -
Replying to @prdonahue
@sleevi_ you missed the new loserboard showing Comodo/CloudFlare responsible for as many SHA-1 as all others combined //@prdonahue1 reply 0 retweets 2 likes -
Replying to @pzb
@pzb@prdonahue Those are still trusted too. UTN - DataCorp SGC's cross-certified cyclic loop = path building hell.2 replies 0 retweets 3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.