On 10/6/2016 10:49 AM, Peter Bowen wrote:
> I think the community has discussed cross-signing both in this
> discussion and in the broader discussion of the trust graph.
>
> https://wiki.mozilla.org/CA:WoSign_Issues#Cross_Signing lists all the
> known cross-signs of WoSign.
>
> https://wiki.mozilla.org/CA:SubordinateCAcerts provides info on all
> subordinate (including cross-signed) CAs for each root in the Mozilla
> program.  Rob Stradling of Comodo combined this with certificate
> transparency information to generate
> https://crt.sh/mozilla-disclosures.
>
> As for Comodo, they have published
> https://secure.comodo.com/products/publiclyDisclosedSubCACerts for a
> while now.  It shows which subordinates are operated by Comodo and
> which are independently operated.
Thank you for putting all the information in one place. At the moment, they
are only pieces of disclosure records, but that's good to work on.
>
> The next step for Mozilla is to determine how to handle the 285 CA
> certificates not disclosed in the Mozilla SF system and the 80 that
> are under disclosed.
Sure, Mozilla and this community should.

_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
