On 11/20/2015 12:33 PM, Peter Bowen wrote [in part]:
> It would be good to clarify whether "subordinate CA" means the
> operator of the subordinate CA (a company or individual) or if it
> means the CA itself (e.g. the tuple of keypair and distinguished
> name).
This reflects the too casual use of
On Wednesday, November 18, 2015 at 5:43:57 PM UTC-8, Brian Smith wrote:
> Peter Bowen wrote:
>
> > 2) For commonName attributes in subject DNs, clarify that they can only
> > contain:
> >
> - IPv4 address in dotted-decimal notation (specified as IPv4address
> > from section 3.2.2 of RFC 3986)
> >
On 11/19/15 23:09, Kathleen Wilson wrote:
> By the time version 2.3 of Mozilla’s CA Cert Policy is published, I hope to
> have
> issued a CA Community License to every included CA. Taking that into
> consideration; I propose changing the policy as follows.
>
[snip]
>
> As always, I will apprecia
On Tue, Nov 3, 2015 at 4:24 PM, Kathleen Wilson wrote:
> Topic to discuss [1]:
> “(D3) Make the timeline clear about when the audit statements and disclosure
> has to happen for new audited/disclosed subCAs.
>
> Section 10 of the Inclusion Policy says:
> https://www.mozilla.org/en-US/about/governa
On 19/11/15 23:09, Kathleen Wilson wrote:
> “10. … The CA with a certificate included in Mozilla’s CA Certificate
> Program MUST disclose this information *in the CA Community in
> Salesforce* https://wiki.mozilla.org/CA:SalesforceCommunity>
> before any such subordinate CA is allowed to issue cert
On Fri, Nov 20, 2015 at 9:28 AM, wrote:
> Yes, thanks. I had CommonName field in mind and that is limited to 64
> characters but SubjectAltName is completely different when it comes to max
> length (even though they both hold a FQDN).
I had missed that limitation on commonName. I have added
Yes, thanks. I had CommonName field in mind and that is limited to 64
characters but SubjectAltName is completely different when it comes to max
length (even though they both hold a FQDN).
On Friday, November 20, 2015 at 11:49:49 AM UTC-5, Kurt Roeckx wrote:
>
> For some reason I missed this
On Fri, Nov 20, 2015 at 8:12 AM, Richard Barnes wrote:
> On Thu, Nov 19, 2015 at 6:22 PM, Matt Palmer wrote:
>
> > On Thu, Nov 19, 2015 at 05:00:03PM -0800, Kathleen Wilson wrote:
> > > Insert 3rd bullet point:
> > > "- translate into English the Certificate Policy and Certification
> > Practice
On 2015-11-20 17:27, Peter Bowen wrote:
On Fri, Nov 20, 2015 at 7:32 AM, Kurt Roeckx wrote:
On 2015-11-19 22:19, douglas.beat...@gmail.com wrote:
I realize I'm a little late to the game, but I had a question on the
maximum length. If I'm reading this correctly, it looks like you applied
the
On Fri, Nov 20, 2015 at 7:32 AM, Kurt Roeckx wrote:
> On 2015-11-19 22:19, douglas.beat...@gmail.com wrote:
>>
>> I realize I'm a little late to the game, but I had a question on the
>> maximum length. If I'm reading this correctly, it looks like you applied
>> the max length of 63 to the LABEL.
On Thu, Nov 19, 2015 at 6:22 PM, Matt Palmer wrote:
> On Thu, Nov 19, 2015 at 05:00:03PM -0800, Kathleen Wilson wrote:
> > Insert 3rd bullet point:
> > "- translate into English the Certificate Policy and Certification
> Practice
> > Statement documents pertaining to the certificates to be includ
On 11/19/2015 5:00 PM, Kathleen Wilson wrote:
> I would like to discuss this proposal[1] next:
>
> - (D26) Add a requirement for CAs to provide English-translated versions
> of their complete CP / CPS
>
> I think we would have to narrow it down a bit, because some CAs have
> several CP/CPS docu
On 2015-11-19 22:19, douglas.beat...@gmail.com wrote:
I realize I'm a little late to the game, but I had a question on the maximum
length. If I'm reading this correctly, it looks like you applied the max
length of 63 to the LABEL. Should it actually be to FQDN and WILDCARD? Is it
63 or 64?
I realize I'm a little late to the game, but I had a question on the maximum
length. If I'm reading this correctly, it looks like you applied the max
length of 63 to the LABEL. Should it actually be to FQDN and WILDCARD? Is it
63 or 64?
> I'm using to check dNSNames in GeneralNames:
>
> LA
On Fri, Nov 20, 2015 at 2:14 AM, Rob Stradling
wrote:
> On 20/11/15 00:34, Kathleen Wilson wrote:
>
>> There are two proposals on the table...
>>
>> Proposal A:
>> ~~
>> 8. We consider the algorithms and key sizes specified in section 6.1.5
>> of version 1.3 or later of the CA/Browser Forum Basel
On 20/11/15 00:34, Kathleen Wilson wrote:
There are two proposals on the table...
Proposal A:
~~
8. We consider the algorithms and key sizes specified in section 6.1.5
of version 1.3 or later of the CA/Browser Forum Baseline Requirements
for the Issuance and Management of Publicly-Trusted Certif
16 matches
Mail list logo