Deutsche Telekom and their interpretation of their security obligations when beeing a public CA
Deutsche Telekom and their interpretation of their security obligations when beeing a public CA
bugzilla.mozilla.org 1877388 - Telekom Security: Revocation delay for TLS certificates with basicConstraints not marked as critical
ASSIGNED (Arnold.Essing) in CA Program - CA Certificate Compliance. Last updated 2024-07-21.
looks like:
- They claimed to be a trustworthy public CA (that can handle security incidents)
- They made commitments to be included as trustworthy in common Browsers and OS'es
- They now willfully break those commitments to rely on 2B2F only...
- They do not even answer valid questions for month in a process that they should have already completed within 5 days as was defined in the commitments they agreed upon.
Maybe Honest Achmed's Used Cars and Certificates should show up again once more !?