On Tue, Jul 16, 2019 at 12:12:57PM -0700, Kathleen Wilson via dev-security-policy wrote: > Mozilla: Overdue Audit Statements > CA Owner: LuxTrust > Root Certificates: > LuxTrust Global Root 2 > Standard Audit: > https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf > Standard Audit Period End Date: 2018-03-30 > BR Audit: > https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf > BR Audit Period End Date: 2018-03-30 > EV Audit: > https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf > EV Audit Period End Date: 2018-03-30 > CA Comments: null
For the overdue statements, I always see a comment, ussually something like: | ** Audit Case in the Common CA Database is under review for this root | certificate. But this root CA doesn't seem to have have any comment. Nor does this one: > Mozilla: Overdue Audit Statements > CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum) > Root Certificates: > Certum Trusted Network CA 2 > Certum CA > Certum Trusted Network CA > Standard Audit: > https://bug1286477.bmoattachments.org/attachment.cgi?id=9001516 > Standard Audit Period End Date: 2018-03-26 > BR Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001514 > BR Audit Period End Date: 2018-03-26 > EV Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001515 > EV Audit Period End Date: 2018-03-26 > CA Comments: null Will you open such audit cases? Is this just some timing problem that the mails got sent before it could be opened? I also miss things like the state in the intermediate summary you sent. Kurt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
