2017年7月10日月曜日 15時00分04秒 UTC+9 Richard Wang: > Please note that the Mozilla requirement is: > > " 5. Provide auditor[3] attestation that a full security audit of the CA’s > issuing infrastructure has been successfully completed. " > " [3] The auditor must be an external company, and approved by Mozilla. " > > That WoSign did it very well -- PASS the full security audit. > > And Richard Wang leading the RD team have done a good job for the new system > development and passed the security audit. > > Best Regards, > > Richard > > -----Original Message----- > From: dev-security-policy > [mailto:dev-security-policy-bounces+richard=wosign....@lists.mozilla.org] On > Behalf Of Percy via dev-security-policy > Sent: Monday, July 10, 2017 12:41 PM > To: mozilla-dev-security-pol...@lists.mozilla.org > Subject: Re: WoSign new system passed Cure 53 system security audit > > So it seems that Richard Wang still has the final executive decisions > regarding security in daily operations. Basically WoSign simply changed the > title of the position from CEO to COO and bypassed Mozilla's requirement? > > On Sunday, July 9, 2017 at 7:26:28 PM UTC-7, Richard Wang wrote: > > The important thing is by the board of directors, the Company Legal > > Representative is changed to Mr. Shi Xiaohong, VP of 360. > > > > > > The daily operation thing is by COO. > > > > Best Regards, > > > > > > Richard > > > > > > > > From: Eric Mill [mailto:e...@konklone.com] > > Sent: Monday, July 10, 2017 10:12 AM > > To: Richard Wang <rich...@wosign.com> > > Cc: Itzhak Daniel <itk98...@gmail.com>; > > mozilla-dev-security-pol...@lists.mozilla.org > > Subject: Re: WoSign new system passed Cure 53 system security audit > > > > > > > > So who acts as the CEO for WoSign when final executive decisions need to be > > made? > > > > > > > > > > > > On Sun, Jul 9, 2017 at 9:41 PM, Richard Wang via dev-security-policy > > <dev-security-policy@lists.mozilla.org<mailto:dev-security-policy@lists.mozilla.org>> > > wrote: > > > > Mr Wang is the COO now according to Mr. Tan's public announcement on > > March CAB Forum meeting. > > > > CEO is still N/A, if anyone is interesting in the CEO position, please > > send your Resume to Mr. Tan. > > > > > > Best Regards, > > > > Richard > > > > > > -----Original Message----- > > From: dev-security-policy > > [mailto:dev-security-policy-bounces+richard<mailto:dev-security-policy-bounces%2Brichard>=wosign....@lists.mozilla.org<mailto:wosign....@lists.mozilla.org>] > > On Behalf Of Itzhak Daniel via dev-security-policy > > Sent: Monday, July 10, 2017 4:57 AM > > To: > > mozilla-dev-security-pol...@lists.mozilla.org<mailto:mozilla-dev-security-pol...@lists.mozilla.org> > > Subject: Re: WoSign new system passed Cure 53 system security audit > > > > Mr. Wang is mentioned on the end of the document, what is Richard Wang > > current official responsibility of Mr. Wang at WoSign? > > > > According to the incident report, release on October 2016 [1], Mr. Wang > > was suppose to be relieved of his duties as CEO, this is mentioned in 3 > > separate paragraphs (P.17,P.25,P.26). > > > > Links: > > 1. > > https://www.wosign.com/report/WoSign_Incident_Report_Update_07102016.pdf > > > > _______________________________________________ > > dev-security-policy mailing list > > > > dev-security-policy@lists.mozilla.org<mailto:dev-security-policy@lists.mozilla.org> > > https://lists.mozilla.org/listinfo/dev-security-policy > > _______________________________________________ > > dev-security-policy mailing list > > > > dev-security-policy@lists.mozilla.org<mailto:dev-security-policy@lists.mozilla.org> > > https://lists.mozilla.org/listinfo/dev-security-policy > > > > > > > > > > > > > > > > -- > > > > konklone.com<https://konklone.com> | > > @konklone<https://twitter.com/konklone> > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy
It seems really interesting to me that Richard Wang himself is confirming Richard Wang did a good job on leading the new team, who caused all these problems in the first place. Also admitting that CEO is N/A and COO runs everything. So, nothing has changed except possibly lower salary. Chinese company are really mastermind when it comes to bypass regulations. Richard Leung _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy