My StartSSL-certs are valid until 4th of october. Luckily I switched to Let's encrypt yesterday - with DANE, of course. ;-)
Regards, Renne Am 28.09.2016 um 00:29 schrieb Viktor Dukhovni: > WoSign (who seemingly purchased StartCom) seem to have run into > some compliance issues as reported by Firefox: > > > http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/ > > Many SMTP servers are using certs from StartCom. In my DANE > adoption survey, out of 2201 certificates used by DANE MX > hosts 411 are issued by StartCom and 47 by WoSign. So that's > just over 20% of observed certificates. While the rate is > likely different for the larger SMTP ecosystem (DANE users > are bleeding edge, not representative at this time), I expect > that these CAs are still quite popular overall. > > If you're using StartCom/WoSign certs, and rely on them being > verified by MUAs and/or peer MTAs. you may want to make > contingency plans if Mozilla and perhaps others go through > with delisting (or disabling) the related root CAs from > their trusted CA bundles. >