Dear Gervase, Yes, the certificate issuance process is performed by each of these five components, except, TSA is used for code issuance and PDF issuance, not related with SSL certificates issuance.
Thanks, Xiaosheng Tan 在 2016/10/10 下午7:11,“Gervase Markham”<g...@mozilla.org> 写入: Hi Xiaosheng. On 09/10/16 14:54, 谭晓生 wrote: > There are 5 components of StartCom’s business supporting software: It might be useful if you were to explain what function in the certificate issuance process is performed by each of these five components. > 3. PKI – signing service > Code: Same code with WoSign’s one. > Server: Shared Server. > Location: The primary one is hosted in Qihoo 360 head quarter’s data center in Beijing since Dec 2015, there is a backup server in Wosign’s office in Shenzhen. > Business Process: Same Presumably the fact that this code is shared with WoSign explains why the StartCom serial numbers changed to be "WoSign-style" in December 2015. > 5. TSA > Code: Same code with Wosign’s one. > Server: Dedicate server, no sharing. > Location: StartCom TSA: http://tsa.startssl.com is located in Qihoo 360 Los Angeles IDC, WoSign TSA: http://timestamp.wosign.com is hosted in Qihoo 360 China IDC. > Business Process: Same Is this server involved in SSL certificate issuance at all? Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy