Ma, M (Mingchao) wrote:
> It has been confirmed that SAM tests have updated the CA
> certificates by
> 2008-05-19 11:57. Sites still failed SAM tests after upgraded?
> OSCT-DC will
> follow the standard procedure to verify the release of new
> CA distribution.
Thanks, Mingchao. This is indeed puzzling - why aren't sites that
haven't upgraded failing? Why do sites that upgrade fail?
Incidentally, my test of EE certs finished this minute, and it has found
certificates with dodgy keys. Out of 11605 certificates (as of 14 May
which was when I fetched the certs), it has found 73 vulnerable keys.
--jens
|