On Friday, September 16, 2016 at 6:07:56 AM UTC-4, Richard Wang wrote:
> Hi Gerv,
> This is the final report: 
> https://www.wosign.com/report/WoSign_Incident_Final_Report_09162016.pdf 
> Please let me if you have any questions about the report, thanks.
> Best Regards,
> Richard Wang
> WoSign CA Limited

Hi Richard,

Thank you for you and your team's hard work on the report. As an observer, I 
found it very informative.

I do have a follow up question regarding Issue P. I'm curious as to why this 
test ever took place with publicly trusted certificates given that the SM2 
algorithm is not allowed by the CA/B Forum.

Say this test was "successful". Whats next? Since SM2 is not allowed, was 
WoSign planning on introducing a ballot to the CA/B Forum to approve SM2?


dev-security-policy mailing list

Reply via email to