Sorry, we don't have deadline. And no plan to close it in PKI side, we keep the right to active it at any time, and we can issue this free SSL certificate for subscribers at any time if customers need it.
Best Regards, Richard > On 6 Dec 2016, at 07:49, Percy <percyal...@gmail.com> wrote: > > When I was trying to inform Apple to put a time constrain on the intermediate > CA, you implied such constrain not necessary because no new certs will be > issued. Clearly, you know already that the users can still get certs from > reseller and potentially abuse it due to all the control failures > investigated by Mozilla. Otherwise, you could have closed the issuing certs > in the PKI, and no resellers would be able to issue new certs. > > Since new certs are still issued by WoSign, could you please give a timeline > on when such no new certs will be issued, via wosign, resellers, no any other > method? > >> On Monday, December 5, 2016 at 3:43:35 PM UTC-8, Richard Wang wrote: >> We checked our system, this order is from one of the reseller. We have many >> resellers that used the API, we noticed all resellers to close the free SSL, >> but they need some time to update the system. >> The most important thing is this certificate is issued by proper way that >> this subscriber finished the domain validation, so this is not a >> mis-issuance, not "deceiving". >> >> Best Regards, >> >> Richard >> >>> On 6 Dec 2016, at 06:57, Percy <percyal...@gmail.com> wrote: >>> >>> WoSign is actively deceiving this community again. >>> >>> In Nov. 13th, in the thread Apple's response to the WoSign incidents, I >>> stated that "CA 沃通免费SSL证书 G2", the intermediate CA of this certificate >>> should be time constrained by Apple. But Richard stated that "WoSign >>> stopped to issue free SSL certificate from those two intermediate CAs since >>> Sept 29. " >>> (https://groups.google.com/d/msg/mozilla.dev.security.policy/lWJ1zdUJPLI/z1sxa6WRCAAJ) >>> >>> I'm asking WoSign please explain why on the public website and on this >>> forum, you stated no new certs will be issued under this very intermediate >>> CA, but now you said this is not a issue? >>> _______________________________________________ >>> dev-security-policy mailing list >>> dev-security-policy@lists.mozilla.org >>> https://lists.mozilla.org/listinfo/dev-security-policy > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
