Good to know that our new certs are there :-) Regarding StartCom, these are the new certs we´ve generated and will be used to apply for inclusion in the Mozilla root program. Nothing to disclose at the moment I guess. We´ve not been audited yet nor applied.
Best regards Iñigo Barreira CEO StartCom CA Limited -----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+inigo=startcomca....@lists.mozilla.org] On Behalf Of Rob Stradling via dev-security-policy Sent: jueves, 27 de abril de 2017 12:38 To: mozilla-dev-security-policy <mozilla-dev-security-pol...@lists.mozilla.org> Subject: Re: Symantec Conclusions and Next Steps On 26/04/17 21:21, Rob Stradling via dev-security-policy wrote: <snip> > (Note: A few of the non-Symantec entries currently listed by > https://crt.sh/mozilla-disclosures#undisclosed are false positives, I > think. It looks like Kathleen has marked some roots as "Removed" on > CCADB ahead of the corresponding certdata.txt update on mozilla-central). Ah, I take that back. The March certdata.txt update did hit mozilla-central on 11th April, but I missed an alert. I've just pushed that update to crt.sh. https://crt.sh/mozilla-disclosures#undisclosed is currently free of false positives. It shows that DigiCert, StartCom and Symantec are currently out-of-compliance with Mozilla's disclosure requirement. -- Rob Stradling Senior Research & Development Scientist COMODO - Creating Trust Online _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy