Re: Globalsign accidental intermediate revocation incident

2016-10-16 Thread Peter Gutmann
Nick Lamb writes:
> Although we'd usually say "contract" means a signed piece of paper the law
> considers that just an artefact, a contract is the "meeting of minds"
> requiring both parties to understand and agree on its terms. That's why
> tricking someone into signing works in the movies but not

Re: Globalsign accidental intermediate revocation incident

2016-10-16 Thread Matt Palmer
On Sun, Oct 16, 2016 at 05:13:54PM +0200, Kurt Roeckx wrote:
> On Sun, Oct 16, 2016 at 07:38:29AM -0700, Nick Lamb wrote:
> > On Sunday, 16 October 2016 08:59:13 UTC+1, Adrian R. wrote:
> > > They rolled back the revocation, but I thought that the BRs explicitly
> > > forbid that a suspended/revo

Re: StartCom & Qihoo Incidents

2016-10-16 Thread Ryan Sleevi
On Saturday, October 15, 2016 at 3:18:22 PM UTC-7, Eric Mill wrote:
> On Sat, Oct 15, 2016 at 4:31 AM, Peter Gutmann wrote:
> > The only one who's openly addressed this
> > seems to be Mozilla.
>
> It would certainly be nice if Mozilla weren't the only openly operated root
> program. :)

Re: Globalsign accidental intermediate revocation incident

2016-10-16 Thread Peter Bowen
On Sun, Oct 16, 2016 at 8:41 AM, Vincent Lynch wrote:
> Looking at the BRs (
> https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.4.1.pdf ).
> Section 4.10.1 says:
>
> "Revocation entries on a CRL or OCSP Response MUST NOT be removed until after
> the Expiry Date of the revoked Certi

Re: Globalsign accidental intermediate revocation incident

2016-10-16 Thread Vincent Lynch
Here is my understanding, according to the wording in GlobalSign's incident report ( https://downloads.globalsign.com/acton/attachment/2674/f-06d2/1/-/-/-/-/globalsign-incident-report-13-oct-2016.pdf ):

- Revocation of the certificate was intended. GlobalSign writes: "In a revocation exercise w

Re: Globalsign accidental intermediate revocation incident

2016-10-16 Thread okaphone . elektronika
Sounds to me like they probably still want that particular certificate revoked as soon as the bug has been fixed.

CU Hans

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Globalsign accidental intermediate revocation incident

2016-10-16 Thread Kurt Roeckx
On Sun, Oct 16, 2016 at 07:38:29AM -0700, Nick Lamb wrote:
> On Sunday, 16 October 2016 08:59:13 UTC+1, Adrian R. wrote:
> > They rolled back the revocation, but I thought that the BRs explicitly
> > forbid that a suspended/revoked certificate be un-suspended/un-revoked.
>
> I don't know whether

Re: Globalsign accidental intermediate revocation incident

2016-10-16 Thread Nick Lamb
On Sunday, 16 October 2016 08:59:13 UTC+1, Adrian R. wrote:
> They rolled back the revocation, but I thought that the BRs explicitly forbid
> that a suspended/revoked certificate be un-suspended/un-revoked.

I don't know whether the exact text permits this, but it seems from a common sense point

Re: Globalsign accidental intermediate revocation incident

2016-10-16 Thread Han Yuwei
On Sunday, October 16, 2016 at 3:59:13 PM UTC+8, Adrian R. wrote:
> Hello
>
> I read in the news (but not here on m.d.s.p) that a few days ago Globalsign
> revoked one of their intermediary roots and then un-revoked it (well, the
> revocation is accidental, but it was still a properly announced revocation,
> via si

Globalsign accidental intermediate revocation incident

2016-10-16 Thread okaphone . elektronika
The revocation was not accidental. They intended to do it; it was only the effects they did not like. (Because of buggy software?) So, what can you do when that happens? Seems best to pull try and undo the revocation. Perhaps even when you can't do that according to the rules.

CU Hans

Globalsign accidental intermediate revocation incident

2016-10-16 Thread okaphone . elektronika
So that explains why our URL checking batch job was logging certificate invalid errors for some 700 links to the Wikipedia we have on our website for two days. I checked with a browser but couldn't see anything wrong. Makes more sense knowing this... ;-)

CU Hans

Globalsign accidental intermediate revocation incident

2016-10-16 Thread Adrian R.
Hello,

I read in the news (but not here on m.d.s.p) that a few days ago Globalsign revoked one of their intermediary roots and then un-revoked it (well, the revocation is accidental, but it was still a properly announced revocation, via signed CRL and OCSP). http://www.theregister.co.uk/2016/10