Olivia
Online
Jeremy Rowley
@GreatAmus
Product dude at DigiCert. These tweets are my own opinion and not the views of my employer. They also aren't very good tweets...unless you like PKI memes.
Joined April 2014
130 Following
559 Followers
746 Posts
@_robstr @sleevi_ @chosensecurity @hardenize @ivanristic @clintw_ @sleevi Are you throwing shade over your own bad data? It was just bad data, right?
@vcsjones It's the best idea I could come up with address how you prevent pinning. Open to additional ideas of course, but it seemed like a straight forward way to address the concern.
@mattiasgeniar @hanno Yep - already did on the bug. Both the revoked and not revoked are public. I haven't published the reasons for each certificate that was not revoked but I'm hoping to today. Most of them are because of lockdowns in areas with high covid concerns.
Who to follow
DigiCert
@digicert
Intelligent Trust at work in the Real World ✨
Ryan Hurst 
@rmhrisk
Dropout. Father. I build things. Security, Cryptography, Engineering, Entrepreneurship. @peculiarventure + xMSFT + xGOOG ++. also on https://t.co/FaDXJfnZBm & Bluesky
PKI Consortium
@PKIConsortium
Trusted digital assets and communication for everyone and everything
@zhenech @hanno @mattiasgeniar @Scott_Helme Hence we were trying to figure out what exceptional circumstances are and the extent of "certificate is used in critical infrastructure" means. In the end, the delay we allowed was for those who were impacted by Covid
@zhenech @hanno @mattiasgeniar @Scott_Helme Well, we didn't expect an exception or extension. I think it's clear that there aren't any. Mozilla policy states "Mozilla recognizes that in some exceptional circumstances, revoking the affected certificates within the prescribed deadline may cause significant harm..."
@hanno This one: https://t.co/wl2jeb4xnc
@My1xT @Scott_Helme I doubt we would have considering internal policy and that the LE guys are all really cool people.
@My1xT @Scott_Helme There's just over 5k where they couldn't be replaced because of COVID. Planning to post the full list of revoked vs. not revoked today (along with the reasons given for the delay). I filtered through the reasons and rejected a lot.
@hanno The ICAs themselves aren't being revoked - just the EV under it (per the original bugzilla post). They're covered by BR audits so the remediation was to revoke all EV under them. I'll have to get back to you on the Secure Site one
@hanno The original list included all ICAs not covered by the EV audit. However, a lot of them weren't actually issuing EV so there isn't an issue with them. There was confusion about this internally as well and unfortunately that confusion made it to the KB article.
@vcsjones It was fair. It's super confusing on what is going. There's a ton of weird information (and our posts didn't necessarily help that). Too tired. It's a lot of certs to reissue.
@Scott_Helme @SeanWrightSec @UK_Daniel_Card It's not really harder. We have an ACME implementation with EV.
@jedisct1 @Scott_Helme This isn't accurate. We were listing the reasons people are asking for delays. The only exceptional reason under the Mozilla policy is for delays resulting from covid interferring with the revocation.
Most Popular Users
Elon Musk
@elonmusk
240.4M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.3M followers
Taylor Swift
@taylorswift13
81.2M followers
Lady Gaga
@ladygaga
72.7M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.4M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.1M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.4M followers