On Tue, Apr 11, 2017 at 12:33 PM, Gervase Markham via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > > E-Sign's CPS URL is given in its audit statement as: > https://www.e-sign.cl/uploads/cps_esign_388.pdf > > Grepping that document for "TLS" gives no hits. Can you help me some more? >
para Certificados de servidor Web - Table 4 Section 3.1.1.1 "subjectAltName" including type dNSName and iPAddress Also, search SSL. Not TLS :) > E-sign appear to be a Symantec SSL reseller: > https://www.e-sign.cl/soluciones/seguridad > but of course, I'm sure many companies are, and that's not necessarily a > problem. > Sure, but then such activities would not be audited or part of its CP/CPS, as that would be handled by the issuing CA that performs these roles. > > MSC Trustgate's audit statement gives no CPS URL. > https://cert.webtrust.org/SealFile?seal=2127&file=pdf https://www.msctrustgate.com/repository.htm https://www.msctrustgate.com/pdf/MSC%20Trustgate%20CPS%2001OCT2012%20V3%203%208%20final.pdf Which has Symantec's logo on it. And states "At this time, the domain-validated and organization-validated SSL Certificates issued by MSC Trustgate.com CAs under this CP are governed by the CABF Requirements. " Further, its CPS states "MSC Trustgate.com is a “Processing Center,” as described in CP § 1.1.2.1.2, which means MSC Trustgate.com has established a secure facility housing, among other things, CA systems, including the cryptographic modules holding the private keys used for the issuance of Certificates. MSC Trustgate.com acts as a CA in the STN and performs all Certificate lifecycle services of issuing, managing, revoking, and renewing Certificates. " _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy