Interesting they could not figure out pattern 1? Wonder if there is any additional metadata to point at a vendor or provider..
hannob 3 hours ago [-]
My best guess would be some kind of netapp product, as we saw some self-signed certs on hosts that identified as netapp. But netapp didn't answer, and we got either no or no useful feedback from any of the certificate owners. So we ended up being unable to figure that out.
I'll probably share a list in some way soon and will try to ask the wider cryptographic and TLS community if anyone can figure it out.
nickf 55 minutes ago [-]
Hanno - we may have communicated before some years ago, but am more than happy to offer any help I can (if some of our customers are/were affected, happy to reach out and see if they can give you more answers as to which products).
nick (at) sectigo (dot) com
Interesting they could not figure out pattern 1? Wonder if there is any additional metadata to point at a vendor or provider..
I'll probably share a list in some way soon and will try to ask the wider cryptographic and TLS community if anyone can figure it out.