Changes to ccadb.org site and report links
All, We've made the following changes to the ccadb.org site. 1) The general links providing data for all CAs and certs in the CCADB have been updated from "mozilla" to "ccadb". In particular the first three links in the General section on the Resources tab have been updated. https://ccadb.org/resources#general * All certs (root and intermediate) in CCADB (CSV) * List of CA problem reporting mechanisms (email, etc.) * List of CAA Identifiers The new links: http://ccadb-public.secure.force.com/ccadb/AllCertificateRecordsCSVFormat https://ccadb-public.secure.force.com/ccadb/AllProblemReportingMechanismsReport https://ccadb-public.secure.force.com/ccadb/AllCAAIdentifiersReport The old links still work, but please migrate to the new links at your convenience. 2) A new page has been added to the "For CAs" tab called "Request Access". This new page includes a link to a form that can be used for CAs to request access to the CCADB when they are in the root inclusion process for Mozilla's or Microsoft's programs. A submitted form creates a Lead in the CCADB that normally will be processed by me (for Mozilla) or Karina (for Microsoft). Once verified and approved, the Lead will generate the new CA Owner record and corresponding Primary Point of Contact. As always, I appreciate your thoughtful and constructive feedback on the CCADB. Thanks, Kathleen ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: ccadb.org
The ccadb.org site is now https. Please let me know if you run into any problems with the ccadb.org site. Thanks for your patience. Kathleen ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: ccadb.org
On 2/9/18 7:52 AM, Kathleen Wilson wrote: On 2/7/18 11:41 AM, Kathleen Wilson wrote: All, At 6pm PST on Thursday, February 8th, we will begin the migration of ccadb.org to https. It is possible that during this migration users may receive errors when trying to access the ccadb.org site. All, Something went wrong, so the changes had to be rolled back. Stay tuned... Kathleen The team is going to attempt to migrate ccadb.org from http to https on the evening of Thursday, March 8. It is possible that during this migration users may receive errors when trying to access the ccadb.org site. A fix has been implemented for the problem that was encountered the last time the migration was attempted. Kathleen ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: ccadb.org
On 2/7/18 11:41 AM, Kathleen Wilson wrote: All, At 6pm PST on Thursday, February 8th, we will begin the migration of ccadb.org to https. It is possible that during this migration users may receive errors when trying to access the ccadb.org site. All, Something went wrong, so the changes had to be rolled back. Stay tuned... Kathleen ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: ccadb.org
On 1/30/18 6:19 AM, Gervase Markham wrote: On 30/01/18 00:48, James Burton wrote: I was doing research on the ccadb.org site and was surprised to find that the site is running only in HTTP and is not using HTTPS. Now, I understand that GitHub pages don't support HTTPS for custom domains but you could always use CloudFlare for HTTPS support in the meantime until GitHub enables HTTPS for custom domains. The Cloudflare solution turns out not to be ideal for Mozilla IT. They have instead proposed another solution using AWS and Nubis, which is being implemented in the (infrastructure-confidential) bug https://bugzilla.mozilla.org/show_bug.cgi?id=1409786 . I've pinged the bug so hopefully something should happen soon. Gerv All, At 6pm PST on Thursday, February 8th, we will begin the migration of ccadb.org to https. It is possible that during this migration users may receive errors when trying to access the ccadb.org site. Cheers, Kathleen ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: ccadb.org
On 30/01/18 00:48, James Burton wrote: > I was doing research on the ccadb.org site and was surprised to find that > the site is running only in HTTP and is not using HTTPS. Now, I understand > that GitHub pages don't support HTTPS for custom domains but you could > always use CloudFlare for HTTPS support in the meantime until GitHub > enables HTTPS for custom domains. The Cloudflare solution turns out not to be ideal for Mozilla IT. They have instead proposed another solution using AWS and Nubis, which is being implemented in the (infrastructure-confidential) bug https://bugzilla.mozilla.org/show_bug.cgi?id=1409786 . I've pinged the bug so hopefully something should happen soon. Gerv ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: ccadb.org
Hrm, I didn’t realize it had been restricted. The gist is that bug is closed as incomplete as of three months ago and there is a new bug that I don’t have access to: https://bugzilla.mozilla.org/show_bug.cgi?id=1409786 > On Jan 29, 2018, at 20:02, James Burton <j...@0.me.uk> wrote: > > Hi Jonathan, > > I haven't got the required permission to access bug 1376996. > > Thank you, > > James > > > On Tue, Jan 30, 2018 at 12:57 AM, Jonathan Rudenberg <jonat...@titanous.com> > wrote: > > > On Jan 29, 2018, at 19:48, James Burton via dev-security-policy > > <dev-security-policy@lists.mozilla.org> wrote: > > > > I was doing research on the ccadb.org site and was surprised to find that > > the site is running only in HTTP and is not using HTTPS. > > There is already a bug about this: > https://bugzilla.mozilla.org/show_bug.cgi?id=1376996 > ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: ccadb.org
Hi Jonathan, I haven't got the required permission to access bug 1376996. Thank you, James On Tue, Jan 30, 2018 at 12:57 AM, Jonathan Rudenberg <jonat...@titanous.com> wrote: > > > On Jan 29, 2018, at 19:48, James Burton via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > > > I was doing research on the ccadb.org site and was surprised to find > that > > the site is running only in HTTP and is not using HTTPS. > > There is already a bug about this: https://bugzilla.mozilla.org/ > show_bug.cgi?id=1376996 ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: ccadb.org
> On Jan 29, 2018, at 19:48, James Burton via dev-security-policy > <dev-security-policy@lists.mozilla.org> wrote: > > I was doing research on the ccadb.org site and was surprised to find that > the site is running only in HTTP and is not using HTTPS. There is already a bug about this: https://bugzilla.mozilla.org/show_bug.cgi?id=1376996 ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
ccadb.org
I was doing research on the ccadb.org site and was surprised to find that the site is running only in HTTP and is not using HTTPS. Now, I understand that GitHub pages don't support HTTPS for custom domains but you could always use CloudFlare for HTTPS support in the meantime until GitHub enables HTTPS for custom domains. James ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy