Hi Ryan, We got confirmation from Cure 53 that new system passed the full security audit. Please contact Cure 53 directly to verify this, thanks.
We don't start the BR audit now. Best Regards, Richard On 12 Jul 2017, at 22:09, Ryan Sleevi <[email protected]<mailto:[email protected]>> wrote: On Tue, Jul 11, 2017 at 8:18 PM, Richard Wang <[email protected]<mailto:[email protected]>> wrote: Hi all, Your reported BR issues is from StartCom, not WoSign, we don't use the new system to issue any certificate now since the new root is not generated. PLEASE DO NOT mix it, thanks. Best Regards, Richard No, the BR non-compliance is demonstrated from the report provided to browsers - that is, the full report associated with this thread. That is, as currently implemented, the infrastructure for the new roots would not be able to receive an unqualified audit. Further system work is necessary, and that work is significant enough that it will affect the conclusions from the report. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
