All,
The Common CA Database has been updated with the new CCADB logos.
This means that when you go to login to the CA Community, at
https://mozillacacommunity.force.com
you will see the full "Common CA Database" logo.
(before it just had the old "mozilla" logo).
And when you are logged into the
Below is a summary of the audit reminder email that was sent today.
CA annual updates and audit statements should be provided via the CCADB, as
described here:
https://wiki.mozilla.org/CA:CommonCADatabase#How_To_Provide_Annual_Updates
Please note that I have not caught up from my vacation, and t
On Tue, Apr 18, 2017 at 1:32 PM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> I believe the point was to check the prospective contents of the
> TBSCertificate *before* CT logging (noting that Ryan Sleevi has been
> violently insisting that failing to do tha
On 18/04/2017 18:47, Nick Lamb wrote:
Hi Jeremy
Given the small number of certificates involved, it might make sense to just
convert them to text and mention them inline, or put them somewhere we can all
see them - if it's inconvenient to put them into the CT logs.
I think this situation will
Okay - they are all logged to both Google's CT log and DigiCert's CT log. I
can also send the PEM files shortly.
-Original Message-
From: dev-security-policy
[mailto:dev-security-policy-bounces+jeremy.rowley=digicert.com@lists.mozilla
.org] On Behalf Of Gervase Markham via dev-security-pol
On 18/04/17 17:22, Ryan Sleevi wrote:
> On Tue, Apr 18, 2017 at 12:09 PM, Jeremy Rowley via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>> code signing certificates into a pseudo- SSL profile. Because they were
>> intended to be code signing certificates, the certificates
Hi Jeremy
Given the small number of certificates involved, it might make sense to just
convert them to text and mention them inline, or put them somewhere we can all
see them - if it's inconvenient to put them into the CT logs.
I think this situation will be useful as evidence of the value of n
They are not currently logged to CT (because they were supposed to be code
signing certificates). We can add them to our log though.
Jeremy
From: Ryan Sleevi [mailto:r...@sleevi.com]
Sent: Tuesday, April 18, 2017 10:22 AM
To: Jeremy Rowley
Cc: mozilla-dev-security-pol...@lists.mozilla.org
S
On Tue, Apr 18, 2017 at 12:09 PM, Jeremy Rowley via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Hi everyone,
>
>
>
> On Friday at 1:00 pm, we accidently introduced a bug into our issuance
> system that resulted in five serverAuth-code signing certificates that did
> not c
Hi everyone,
On Friday at 1:00 pm, we accidently introduced a bug into our issuance
system that resulted in five serverAuth-code signing certificates that did
not comply with the Baseline Requirements. The change modified a handful of
code signing certificates into a pseudo- SSL profile. Becau
On 13/04/2017 15:46, Gervase Markham wrote:
Hi Rob,
You either have a great memory or good search-fu; well done for digging
this out!
On 12/04/17 22:14, Rob Stradling wrote:
Gerv, FYI what you're proposing here
(https://github.com/mozilla/pkipolicy/issues/69) was slated to appear in
v2.1 of th
11 matches
Mail list logo