Certificate Blocklist

This directory contains a number of certificates and public keys which are to be treated as named-constrained during certiicate validation within Chromium-based products.

When applicable, additional information and the full certificate or key are included.

Compromises & Misissuances

India CCA

For details, see https://googleonlinesecurity.blogspot.com/2014/07/maintaining-digital-certificate-security.html and https://technet.microsoft.com/en-us/library/security/2982792.aspx

An unknown number of misissued certificates were issued by a sub-CA of India CCA, the India NIC. Due to the scope of the misissuance, the sub-CA was wholly revoked, and India CCA was constrained to a subset of India's ccTLD namespace.