Hello m.d.s.p., I'd just like to give the community a heads up that Chrome’s plan remains to put up a blog post echoing our recent announcement on blink-dev [1], but in the meantime, we are reviewing the facts related to Symantec’s sale of their PKI business to DigiCert [2].
Recently, it has come to our attention that Symantec may have selected DigiCert from the RFP process to become a Managed CA Partner. As defined in Google’s first Managed CA proposal [3], then supported by Symantec’s commitment to “[cover] all aspects of the SubCA proposal” [4], and finally reiterated in Google’s final proposal [1], the requirement has always been that the Managed Partner Infrastructure be operated by an independent and non-affiliated CA while Symantec worked to rebuild the web community's confidence. Based on this information, we have a series of questions that we’d like Symantec to address for public discussion: 1. Just to confirm, Did Symantec select DigiCert to be Managed CA Partner under the RFP process? If so, in light of DigiCert’s acquisition of Symantec’s PKI business and Symantec’s substantial equity investment in DigiCert, can you explain how you believe selecting DigiCert as the Managed CA Partner meets the stated requirement of being an independent and non-affiliated organization? 2. Were any additional CAs selected to be a Managed CA Partner from the list of trusted CAs that Symantec “felt best met the browser requirements”? [1]https://groups.google.com/a/chromium.org/d/msg/blink-dev/eUAKwjihhBs/El1mH8S6AwAJ [2]http://investor.symantec.com/About/Investors/press-releases/press-release-details/2017/DigiCert-to-Acquire-Symantecs-Website-Security-and-Related-PKI-Solutions/default.aspx [3]https://groups.google.com/a/chromium.org/d/msg/blink-dev/eUAKwjihhBs/ovLalSBRBQAJ [4]https://groups.google.com/a/chromium.org/d/msg/blink-dev/eUAKwjihhBs/6iZUc7kOCAAJ _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
