[sudo-sys] ssl revocation? new version of firefox/iceweasel
Matthew Senate
mattsenate at gmail.com
Sat May 17 23:37:00 PDT 2014
Is it possible they linked you to the wrong spamhaus report by mistake?
On Sat, May 17, 2014 at 1:17 PM, Charley Sheets <rcsheets at acm.org> wrote:
> On 2014-05-17 12:15, Yar wrote:
>
>> On Wed, May 14, 2014 at 10:50 AM, Charley Sheets <rcsheets at acm.org>
>> wrote:
>>
>>> I don't understand why they'd just revoke our certs without explanation.
>>> The
>>> new certs are working though.
>>>
>>
>> They're now saying that it was revoked because the certificate was
>> hosting malware, citing this spamhaus report:
>> http://www.spamhaus.org/sbl/query/SBL222149'
>>
>
> I'm glad they've finally provided an explanation, but that seems like
> something they should have been able to tell us right away, rather than
> coming up with days later.
>
>
> They say there's a "KINS webinjects / MITM server" at the IP address
>> 195.211.153.54. But sudoroom.org is at 173.255.221.152 so I don't
>> understand what this has to do with us.
>>
>
> Could it be that someone else got our cert somehow, and was using it at
> that address?
>
>
> Do we have any services at 195.211.153.54? Or can I tell Comodo they
>> made a mistake? If we don't resolve it with them, our new cert may get
>> revoked again.
>>
>
> It doesn't look like anything is running at vm-4197.unit-is.com(195.211.153.54), or at least nothing that's willing to talk to me...
>
> All 1000 scanned ports on vm-4197.unit-is.com (195.211.153.54) are
> filtered
>
> --
> Charley
>
> _______________________________________________
> sudo-sys mailing list
> sudo-sys at lists.sudoroom.org
> https://lists.sudoroom.org/listinfo/sudo-sys
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sudoroom.org/pipermail/sudo-sys/attachments/20140517/fd2d14f5/attachment.html>
More information about the sudo-sys
mailing list