On Thu, Feb 8, 2018 at 7:26 AM, Kai Engert via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> On 16.10.2017 19:32, Gervase Markham via dev-security-policy wrote: > > The subCAs that we know of that fall into this category belong to Google > > and Apple. If there are any other subCAs that fall into this category, > > please let us know immediately. Google has one such subCA; Apple has > seven. > > Besides the informal list of 9 subCAs (8 unexpired) that Gerv has posted > on 2017-10-17, has Mozilla learned about any additional subCAs that will > require a similar treatment? > > The Chrome team has posted a set of subordinate CAs to whitelist [1] that contains some differences from the list that Gerv posted. I will ask Apple, Google, and DigiCert to confirm which subordinates need to be whitelisted. [1] https://chromium.googlesource.com/chromium/src/+/master/net/data/ssl/symantec/README.md I assume that the end of the primary development phase for Firefox 60, > which is early March 2018, will be the deadline to add whitelisting for > any such subCAs. > > Kai > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy