On Wednesday, October 5, 2016 at 1:19:35 PM UTC-7, Kurt Roeckx wrote: > This is why browsers have something like OneCRL, so that they > actually do know about it and why Rob added that information > to the bug tracker > (https://bugzilla.mozilla.org/show_bug.cgi?id=906611#c2).
We are working on code/process for taking the Revoked Intermediate Cert data from Salesforce and updating OneCRL (with a manual approval step). So, in the near future the process will be for CAs to update Salesforce when one of their intermediate certs has been revoked. Then this information will get propagated into OneCRL. And we won't need a Bugzilla bug filed to add a revoked intermediate cert to OneCRL. It is my understanding that we will be able to add the revoked intermediate cert data that is currently in Salesforce to OneCRL within the next week or so. > > I'm just wondering if that was the correct bug to report this on > and that he shouldn't have opened a new one. Rob also added the data to Salesforce. After I have confirmed that the revoked intermediate cert data that is currently in Salesforce has been added to OneCRL, I will go through all of the open bugs in the dependency list of #1155095 (bug for tracking OneCRL blocklist entries), to make sure they all get addressed/closed. Kathleen _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy