All,
SERPRO has communicated to me that they are working on integrating
pre-issuance linting into their CA processes. They are also considering
obtaining a new CA certificate from ICP-Brasil. Thus, they are advising us
that they need March to complete such work and will be able to re-commence
discussion in April.
Thanks,
Ben


On Thu, Dec 15, 2022 at 10:53 AM Kurt Seifried <[email protected]> wrote:

> I assume this resets the 6 week clock for dicussions? Or do they get to
> call timeouts and run the clock out?
>
> On Thu, Dec 15, 2022 at 10:36 AM Ben Wilson <[email protected]> wrote:
>
>> All,
>>
>> We have received a request from SERPRO to pause the public discussion
>> until the end of February while they re-assess their application and to
>> give them time to prepare better answers to the questions raised here.  As
>> stated:
>>
>> We are going to organize ourselves to include more technical and more
>> consistent answers in the group, since we consider it important to clarify
>> all the doubts understood.
>> We know that we have had a process for validating and issuing SSL/TLS
>> certificates since 2019, in practice, we are always looking to improve
>> every day, ensuring compliance with the requirements defined in the
>> baseline.
>> We would like to request a pause in this discussion in the AC SERPRO SSL
>> group, until the end of February, which will be used to include the new
>> responses as mentioned above. If the group had more questions, we ask that
>> they continue to be forwarded so that we can use this new deadline to
>> answer them.
>>
>> I am granting their request and will pick the discussion back up on March
>> 1, 2023, unless SERPRO notifies me prior to then that they are prepared to
>> re-convene.
>>
>> Sincerely yours,
>>
>> Ben Wilson
>> Mozilla Root Store Manager
>>
>> On Wed, Dec 14, 2022 at 3:38 PM 'Cynthia Revström' via public <
>> [email protected]> wrote:
>>
>>> Hi André,
>>>
>>> It feels like I am getting conflicting information here, can you please
>>> clarify what method SERPRO uses in order to get domain contact info?
>>> As far as I can tell you are saying that you use both who.is and RDAP
>>> but I might very well be misunderstanding it.
>>>
>>> -Cynthia
>>>
>>> On Wed, Dec 14, 2022 at 7:52 PM André Silva <
>>> [email protected]> wrote:
>>>
>>>> Hi Joel,
>>>> The main purpose do use the WHOIS service is to get domain contact to
>>>> proceed to domain validation, as described in BR SSL section *3.2.2.4*,
>>>> after that we proceed to validation of the documentation presented by the
>>>> entity (organization) by the government agencies.
>>>>
>>>> Em quarta-feira, 14 de dezembro de 2022 às 14:41:08 UTC-3,
>>>> [email protected] escreveu:
>>>>
>>>>> Hello:
>>>>>
>>>>> I just want to make sure I clearly understand the use of who.is. So
>>>>> for this certificate for infoconv.sicredi.io
>>>>> https://crt.sh/?id=6202101964, since it is non-.br when SERPRO issued
>>>>> it for the organization name of the bank BANCO COOPERATIVO SICREDI the
>>>>> validation was to go to  https://who.is/whois/sicredi.io and see that
>>>>> Confederacao Sicredi was listed? Were there any other steps involved?
>>>>>
>>>>> Thanks,
>>>>> Joel Reardon
>>>>> On Wednesday, December 14, 2022 at 10:35:06 AM UTC-7
>>>>> [email protected] wrote:
>>>>>
>>>>>> On Wed, Dec 14, 2022 at 10:15 AM André Silva <
>>>>>> [email protected]> wrote:
>>>>>>
>>>>>>> Hi all,
>>>>>>> here we go again...
>>>>>>>
>>>>>>
>>>>>> Thanks, also why were you not emailing from your work account at the
>>>>>> beginning and instead using a throw-away Gmail account? It's very odd and
>>>>>> potentially suspicious behavior that you would create a new email account
>>>>>> to do this instead of using your existing account and I think it deserves
>>>>>> an explanation (there must be a simple reason, right?).
>>>>>>
>>>>>>
>>>>>>>
>>>>>> --
>>>>>> Kurt Seifried (He/Him)
>>>>>> [email protected]
>>>>>>
>>>>> --
>>>> You received this message because you are subscribed to a topic in the
>>>> Google Groups "public" group.
>>>> To unsubscribe from this topic, visit
>>>> https://groups.google.com/a/ccadb.org/d/topic/public/Mux855BsRg4/unsubscribe
>>>> .
>>>> To unsubscribe from this group and all its topics, send an email to
>>>> [email protected].
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/a/ccadb.org/d/msgid/public/ae3fb36a-7a8e-4a48-acbd-250e3f6fe95an%40ccadb.org
>>>> <https://groups.google.com/a/ccadb.org/d/msgid/public/ae3fb36a-7a8e-4a48-acbd-250e3f6fe95an%40ccadb.org?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "public" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to [email protected].
>>> To view this discussion on the web visit
>>> https://groups.google.com/a/ccadb.org/d/msgid/public/CAKw1M3NAsiDuwyhsf8z3TP2odRFnyy4F%2BHg1JN8b%2BQ3eM-Z6DA%40mail.gmail.com
>>> <https://groups.google.com/a/ccadb.org/d/msgid/public/CAKw1M3NAsiDuwyhsf8z3TP2odRFnyy4F%2BHg1JN8b%2BQ3eM-Z6DA%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "public" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/a/ccadb.org/d/msgid/public/CA%2B1gtaYxBkk7_UR6yqvHvbhmchSLLoJymUdKNJnnj7FSHt_nTw%40mail.gmail.com
>> <https://groups.google.com/a/ccadb.org/d/msgid/public/CA%2B1gtaYxBkk7_UR6yqvHvbhmchSLLoJymUdKNJnnj7FSHt_nTw%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>>
>
>
> --
> Kurt Seifried (He/Him)
> [email protected]
>

-- 
You received this message because you are subscribed to the Google Groups 
"CCADB Public" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/ccadb.org/d/msgid/public/CA%2B1gtaZTr%2BwARRyS%2BbnXQew2G5nf%2B_xgeEqdAO2QA_e6n7KHfA%40mail.gmail.com.

Reply via email to