[sudo-sys] ssl revocation? new version of firefox/iceweasel

Charley Sheets rcsheets at acm.org
Sat May 17 13:17:44 PDT 2014


On 2014-05-17 12:15, Yar wrote:
> On Wed, May 14, 2014 at 10:50 AM, Charley Sheets <rcsheets at acm.org> wrote:
>> I don't understand why they'd just revoke our certs without explanation.
>> The new certs are working though.
> 
> They're now saying that it was revoked because the certificate was
> hosting malware, citing this spamhaus report:
> http://www.spamhaus.org/sbl/query/SBL222149

I'm glad they've finally provided an explanation, but that seems like
something they should have been able to tell us right away, rather than
coming up with it days later.

> They say there's a "KINS webinjects / MITM server" at the IP address
> 195.211.153.54. But sudoroom.org is at 173.255.221.152 so I don't
> understand what this has to do with us.

Could it be that someone else got our cert somehow, and was using it at 
that address?

> Do we have any services at 195.211.153.54? Or can I tell Comodo they
> made a mistake? If we don't resolve it with them, our new cert may get
> revoked again.

It doesn't look like anything is running at vm-4197.unit-is.com 
(195.211.153.54), or at least nothing that's willing to talk to me...

All 1000 scanned ports on vm-4197.unit-is.com (195.211.153.54) are 
filtered

-- 
Charley

