[v2.7] nss: Mis-issued ANSSI/DCSSI certificate
Announced: December 10, 2013
Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla’s root store, was loaded into a man-in-the-middle (MITM) traffic management device. This certificate was issued by Agence nationale de la sécurité des systèmes d’information (ANSSI), an agency of the French government and a certificate authority in Mozilla’s root program. A subordinate certificate authority of ANSSI mis-issued an intermediate certificate that they installed on a network monitoring device, which enabled the device to act as a MITM proxy performing traffic management of domain names or IP addresses that the certificate holder did not own or control.
(from redmine: issue id 2575, created on 2014-01-08, closed on 2014-02-05)
- parent #2571 (closed)
- Revision 1bbb01db by Natanael Copa on 2014-02-05T08:23:58Z:
main/nss: security upgrade to 220.127.116.11 fixes #2575