Hi Tamura-san,
Thank you for your clarification! Doug From: Mitsuyoshi Tamura <[email protected]> Sent: Tuesday, July 9, 2024 10:50 PM To: [email protected] Cc: Ben Wilson <[email protected]>; [email protected] <[email protected]>; Doug Beattie <[email protected]> Subject: Re: Intent to Approve Cybertrust / JCSI Japan Root Inclusions Greetings, We are aware of Mozilla's "Recommended Practices," that states that a single-purpose root is preferred. Among three root CAs that we are requesting, CA 12 has already changed to become a single-purpose root CA. Regarding CA14 and 15, we will also change for single purpose before start issuing certificates for subscribers. Best regards, Mitsuyoshi Tamura Cybertrust Japan P.S. Please allow me to comment by miraclelinux.com domain that our company possess. 2024年7月9日火曜日 6:19:08 UTC+9 Ben Wilson: Hi Doug, Thanks for the question. I don't think we have set a date, but I'll continue to look into this to see if a date was ever proposed. In any event, we should open an issue in GitHub to remove this uncertainty. For Cybertrust Japan, I will need to look at the information in Bugzilla and the CCADB, but initially it appears that at least with Chrome they are only seeking inclusion of SecureSign Root CA12 for TLS. For SecureSign Root CA14 and SecureSign Root CA15, I may have missed where they might have already withdrawn one or both of them, but I'll have to read up. Sorry for the confusion. Please feel free to ask any additional follow-up questions. Thanks again, Ben On Mon, Jul 8, 2024 at 1:26 PM Doug Beattie <[email protected]> wrote: Hi Ben, The older 2 roots were well separated with one having server auth and client auth, and the other secure mail and code signing EKS, but the new set of 3 has Server auth in all of them along with a mix of other EKUs. When do CAs need to start providing dedicated TLS roots? Doug From: 'Ben Wilson' via [email protected] <[email protected]> Sent: Monday, July 8, 2024 11:47 AM To: [email protected] <[email protected]> Subject: Intent to Approve Cybertrust / JCSI Japan Root Inclusions All, >From May 10, 2024, through June 21, 2024, a six-week public discussion was >conducted regarding the request from Cybertrust Japan / JCSI for the inclusion >of the following root certificates: * SecureSign Root CA12 * SecureSign Root CA14 * SecureSign Root CA15 https://groups.google.com/a/ccadb.org/g/public/c/4OuyyOD-7ng/m/1ot5MFk4AAAJ There were no objections, questions, or comments in opposition to the request. This email is notice that Mozilla intends to approve the inclusion of the above-mentioned root certificates from Cybertrust Japan / JCSI. This begins a 7-day “last call” period for any final objections. Should there be any further concerns, please share them within this period. Thanks, Ben Wilson Mozilla Root Store Manager -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZ%3DN0-G52whyR-iMD0jFiSxnBgrufMZMWkPSLfmuX0_MQ%40mail.gmail.com <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZ%3DN0-G52whyR-iMD0jFiSxnBgrufMZMWkPSLfmuX0_MQ%40mail.gmail.com?utm_medium=email&utm_source=footer> . -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/SEZPR03MB659387D1176BA4D7CC6276F3F0A42%40SEZPR03MB6593.apcprd03.prod.outlook.com.
smime.p7s
Description: S/MIME cryptographic signature
