Re: Policy 2.6 Proposal: Require disclosure of S/MIME validation practices

2018-03-30 Thread Wayne Thayer via dev-security-policy
This change is made in the 2.6 branch: https://github.com/mozilla/pkipolicy/commit/42ebde18794bc1690885bfdd4e3fb12e7c2c832b We'll need to discuss a deadline for the CPS updates to be published. - Wayne On Mon, Mar 26, 2018 at 12:59 PM, Tim Hollebeek wrote: > I

Re: Audits for new subCAs

2018-03-30 Thread Wayne Thayer via dev-security-policy
On Thu, Mar 29, 2018 at 12:55 PM, Ryan Sleevi wrote: > > I think, for new CAs, the KGC report and the stated CP/CPS, combined with > ensuring that the next audit that covers the period of time stated on the > KGC report includes that certificate, seems like a reasonable balance.

Re: Audits for new subCAs

2018-03-30 Thread Wayne Thayer via dev-security-policy
Tim, On Fri, Mar 30, 2018 at 7:00 AM, crawfordtimj--- via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On Thursday, March 29, 2018 at 2:56:17 PM UTC-5, Ryan Sleevi wrote: > > On Thu, Mar 29, 2018 at 2:46 PM, Wayne Thayer via dev-security-policy < > >

Re: Policy 2.6 Proposal: Permit issuance during change in ownership

2018-03-30 Thread Wayne Thayer via dev-security-policy
On Thu, Mar 29, 2018 at 2:12 PM, Ryan Sleevi wrote: > > > On Thu, Mar 29, 2018 at 4:03 PM, Wayne Thayer wrote: > >> On Thu, Mar 29, 2018 at 8:53 AM, Ryan Sleevi wrote: >> >>> >>> On Mon, Mar 26, 2018 at 3:46 PM, Wayne Thayer via

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-03-30 Thread Wayne Thayer via dev-security-policy
On Wed, Mar 28, 2018 at 3:45 AM, ramirommunoz--- via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > > On Tuesday, March 27, 2018 at 10:37:07 PM UTC+2, Wayne Thayer wrote: > > Hi Ramiro, > > > > On Fri, Mar 23, 2018 at 11:52 AM, ramirommunoz--- via > dev-security-policy < >

Re: Policy 2.6 Proposal: Require audits back to first issuance

2018-03-30 Thread crawfordtimj--- via dev-security-policy
On Thursday, March 29, 2018 at 10:59:10 AM UTC-5, Ryan Sleevi wrote: > On Mon, Mar 26, 2018 at 3:06 PM, Wayne Thayer via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > > Mozilla began requiring BR audits for roots in our program in 2013 [1], but > > we have a vague

Re: Audits for new subCAs

2018-03-30 Thread crawfordtimj--- via dev-security-policy
On Thursday, March 29, 2018 at 2:56:17 PM UTC-5, Ryan Sleevi wrote: > On Thu, Mar 29, 2018 at 2:46 PM, Wayne Thayer via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > I think, for new CAs, the KGC report and the stated CP/CPS, combined with > ensuring that the next