Bonjour, Le vendredi 6 février 2015 00:34:25 UTC+1, [email protected] a écrit : > A few weeks ago, I got some mails about a broken iframe. The secure > connection to the remote server failed (OCSP error). The site was signed > by Swiss Government SSL CA 01. I contacted the technical support and > they told me, that the Federal Office of Information Technology, Systems > and Telecommunication (FOITT) of Switzerland shut down their OCSP > servers! So all secure Swiss gov sites are broken if you requires OCSP. > I contacted them directly and tried to explain why the OCSP service is a > requirement for a CA, but they do not react. > > Maybe someone of the Mozilla security team could contact them again.
Swiss BIT Root certificate hasn't been accepted by Mozilla yet (see bug #435026). It may be interesting to know the certificate chain up to the public root, so that this public root can be required to enforce CABF BR for all its subordinate CAs. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
