On 12/09/2013 08:09 PM, From Kathleen Wilson:
On 12/9/13 9:42 AM, Kathleen Wilson wrote:Mozilla Security Blog post:https://blog.mozilla.org/security/2013/12/09/revoking-trust-in-one-anssi-certificate/Google's blog post:http://googleonlinesecurity.blogspot.com/2013/12/further-improving-digital-certificate.htmlThe CA's public statement:http://www.ssi.gouv.fr/fr/menu/actualites/suppression-d-une-branche-de-l-igc-a.htmlhttp://www.ssi.gouv.fr/en/the-anssi/events/revocation-of-an-igc-a-branch-808.htmlMicrosoft's security advisory: http://technet.microsoft.com/en-us/security/advisory/2916652 Opera's security blog post: http://blogs.opera.com/security/2013/12/certificate-update/
Well well....any actions applied upon the CA to improve controls in order to prevent another such occurrence? Is this CA compliant to the BR and Mozilla's CA policy and requirements? Any bug to track that?
-- Regards Signer: Eddy Nigg, StartCom Ltd. XMPP: [email protected] Blog: http://blog.startcom.org/ Twitter: http://twitter.com/eddy_nigg _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
