All, SERPRO has communicated to me that they are working on integrating pre-issuance linting into their CA processes. They are also considering obtaining a new CA certificate from ICP-Brasil. Thus, they are advising us that they need March to complete such work and will be able to re-commence discussion in April. Thanks, Ben
On Thu, Dec 15, 2022 at 10:53 AM Kurt Seifried <[email protected]> wrote: > I assume this resets the 6 week clock for dicussions? Or do they get to > call timeouts and run the clock out? > > On Thu, Dec 15, 2022 at 10:36 AM Ben Wilson <[email protected]> wrote: > >> All, >> >> We have received a request from SERPRO to pause the public discussion >> until the end of February while they re-assess their application and to >> give them time to prepare better answers to the questions raised here. As >> stated: >> >> We are going to organize ourselves to include more technical and more >> consistent answers in the group, since we consider it important to clarify >> all the doubts understood. >> We know that we have had a process for validating and issuing SSL/TLS >> certificates since 2019, in practice, we are always looking to improve >> every day, ensuring compliance with the requirements defined in the >> baseline. >> We would like to request a pause in this discussion in the AC SERPRO SSL >> group, until the end of February, which will be used to include the new >> responses as mentioned above. If the group had more questions, we ask that >> they continue to be forwarded so that we can use this new deadline to >> answer them. >> >> I am granting their request and will pick the discussion back up on March >> 1, 2023, unless SERPRO notifies me prior to then that they are prepared to >> re-convene. >> >> Sincerely yours, >> >> Ben Wilson >> Mozilla Root Store Manager >> >> On Wed, Dec 14, 2022 at 3:38 PM 'Cynthia Revström' via public < >> [email protected]> wrote: >> >>> Hi André, >>> >>> It feels like I am getting conflicting information here, can you please >>> clarify what method SERPRO uses in order to get domain contact info? >>> As far as I can tell you are saying that you use both who.is and RDAP >>> but I might very well be misunderstanding it. >>> >>> -Cynthia >>> >>> On Wed, Dec 14, 2022 at 7:52 PM André Silva < >>> [email protected]> wrote: >>> >>>> Hi Joel, >>>> The main purpose do use the WHOIS service is to get domain contact to >>>> proceed to domain validation, as described in BR SSL section *3.2.2.4*, >>>> after that we proceed to validation of the documentation presented by the >>>> entity (organization) by the government agencies. >>>> >>>> Em quarta-feira, 14 de dezembro de 2022 às 14:41:08 UTC-3, >>>> [email protected] escreveu: >>>> >>>>> Hello: >>>>> >>>>> I just want to make sure I clearly understand the use of who.is. So >>>>> for this certificate for infoconv.sicredi.io >>>>> https://crt.sh/?id=6202101964, since it is non-.br when SERPRO issued >>>>> it for the organization name of the bank BANCO COOPERATIVO SICREDI the >>>>> validation was to go to https://who.is/whois/sicredi.io and see that >>>>> Confederacao Sicredi was listed? Were there any other steps involved? >>>>> >>>>> Thanks, >>>>> Joel Reardon >>>>> On Wednesday, December 14, 2022 at 10:35:06 AM UTC-7 >>>>> [email protected] wrote: >>>>> >>>>>> On Wed, Dec 14, 2022 at 10:15 AM André Silva < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi all, >>>>>>> here we go again... >>>>>>> >>>>>> >>>>>> Thanks, also why were you not emailing from your work account at the >>>>>> beginning and instead using a throw-away Gmail account? It's very odd and >>>>>> potentially suspicious behavior that you would create a new email account >>>>>> to do this instead of using your existing account and I think it deserves >>>>>> an explanation (there must be a simple reason, right?). >>>>>> >>>>>> >>>>>>> >>>>>> -- >>>>>> Kurt Seifried (He/Him) >>>>>> [email protected] >>>>>> >>>>> -- >>>> You received this message because you are subscribed to a topic in the >>>> Google Groups "public" group. >>>> To unsubscribe from this topic, visit >>>> https://groups.google.com/a/ccadb.org/d/topic/public/Mux855BsRg4/unsubscribe >>>> . >>>> To unsubscribe from this group and all its topics, send an email to >>>> [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/ccadb.org/d/msgid/public/ae3fb36a-7a8e-4a48-acbd-250e3f6fe95an%40ccadb.org >>>> <https://groups.google.com/a/ccadb.org/d/msgid/public/ae3fb36a-7a8e-4a48-acbd-250e3f6fe95an%40ccadb.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "public" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/ccadb.org/d/msgid/public/CAKw1M3NAsiDuwyhsf8z3TP2odRFnyy4F%2BHg1JN8b%2BQ3eM-Z6DA%40mail.gmail.com >>> <https://groups.google.com/a/ccadb.org/d/msgid/public/CAKw1M3NAsiDuwyhsf8z3TP2odRFnyy4F%2BHg1JN8b%2BQ3eM-Z6DA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "public" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/ccadb.org/d/msgid/public/CA%2B1gtaYxBkk7_UR6yqvHvbhmchSLLoJymUdKNJnnj7FSHt_nTw%40mail.gmail.com >> <https://groups.google.com/a/ccadb.org/d/msgid/public/CA%2B1gtaYxBkk7_UR6yqvHvbhmchSLLoJymUdKNJnnj7FSHt_nTw%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > > > -- > Kurt Seifried (He/Him) > [email protected] > -- You received this message because you are subscribed to the Google Groups "CCADB Public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/ccadb.org/d/msgid/public/CA%2B1gtaZTr%2BwARRyS%2BbnXQew2G5nf%2B_xgeEqdAO2QA_e6n7KHfA%40mail.gmail.com.
