Mis-issued Certificates for SAN iPAddress:1.1.1.1 by Fina RDC 2020
7 days ago
- #certificates
- #compliance
- #security
- Public report highlights mis-issued certificates by Fina RDC 2020 containing the IP address 1.1.1.1.
- Three certificates are still valid as of September 3, 2025, with questionable control over the IP address.
- Listed certificates include details like serial numbers, subject CNs, SANs, and links to crt.sh and Censys.
- Fina RDC 2020, a subordinate CA of Fina Root CA, is involved, with the latter trusted by Microsoft.
- Apparent violations of CA/Browser Forum TLS Baseline Requirements and Fina's own policies are noted.
- Request for Fina to investigate, revoke non-compliant certificates, and provide a public incident report.