In this link,,
you´ll find the detailed remediation plan for StartCom as was notified last
week. It took us some time to have all the people needed for these tasks and
clarify the dates for fixing all the possible findings.

StartCom considers this plan accurate and enough to the Mozilla community,
specially for their users base, to regain and keep the confidence on our
capacity as a trusted CA.


In the plan you all can see that regarding the PKI system, there are 2
actions based on timing, but always using the current roots, we may rethink,
due to the email delivered by Mozilla yesterday, if the mid term solution
has to be changed and instead of doing for the current roots, this has to be
done for new roots, which would mean a longer delay because would need to
almost start from scratch.

We´d like to hear from Mozilla in this regard and if so, would allow
Startcom some more time. 

Anyway, this remediation plan is to be executed by all means, but would like
to be sure about the mid term solution.




Attachment: smime.p7s
Description: S/MIME cryptographic signature

dev-security-policy mailing list

Reply via email to