Re: Google OCSP service down

2018-01-22 Thread Moudrick M. Dadashov via dev-security-policy
Hi Wayne, This is how it's supposed to work under eIDAS: 1. Check the value of the QCStatement [1] of the certificate under problem (which is the location of PDS); 2. Open the PDS and check relevant contact info as in [2]. Thanks, M.D. [1] see 4.3.4 (QCStatement regarding location of PKI

Re: Google OCSP service down

2018-01-22 Thread Wayne Thayer via dev-security-policy
On Sun, Jan 21, 2018 at 2:14 PM, Ryan Sleevi via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: > > > I think the whole CA incident reporting question has lots of room for > > improvement. And I think this should be considered in a way that people > > who are not familiar

Re: ComSign Root Renewal Request

2018-01-22 Thread Wayne Thayer via dev-security-policy
Today I noticed the following ComSign response to question 6 [1] in Mozilla's November 2017 CA Communication:
> We are in the process of perfecting our CAA system. As far as I know we do not have a devoted mailbox for problem reporting in the root program, the mail for that should be mine –

Re: Updating Root Inclusion Criteria (organizations)

2018-01-22 Thread Jakob Bohm via dev-security-policy
On 22/01/2018 10:47, Gervase Markham wrote: On 19/01/18 13:20, Jakob Bohm wrote: My suggestions are only meant to inspire formal rules written / chosen by module leaders such as you. But the entire point of this discussion is that we are pointing out it's hard to make such rules in the way

Re: Google OCSP service down

2018-01-22 Thread Ryan Hurst via dev-security-policy
On Monday, January 22, 2018 at 1:26:01 AM UTC-8, ihave...@gmail.com wrote: > Hi, > > Just as an FYI, I am still getting 404. My geographic location is UAE if that > helps at all. > > My openssl command: > openssl ocsp -issuer gtsx1.pem -cert goodr1demopkigoog.crt -url >

Re: Retirement of RSA-2048

2018-01-22 Thread Alex Gaynor via dev-security-policy
If I may give a shorter answer than Peter: for authentication purposes (as used in the WebPKI with non-RSA-key-exchange ciphersuites in TLS) there are no current deprecation plans for 2048-bit RSA. Alex On Sat, Jan 20, 2018 at 12:00 PM, Peter Bowen via dev-security-policy <

Re: Updating Root Inclusion Criteria (organizations)

2018-01-22 Thread Gervase Markham via dev-security-policy
On 19/01/18 13:20, Jakob Bohm wrote: > My suggestions are only meant to inspire formal rules written / chosen > by module leaders such as you. But the entire point of this discussion is that we are pointing out it's hard to make such rules in the way you have just made them without being

Re: Google OCSP service down

2018-01-22 Thread ihavesmime--- via dev-security-policy
Hi, Just as an FYI, I am still getting 404. My geographic location is UAE if that helps at all. My openssl command: openssl ocsp -issuer gtsx1.pem -cert goodr1demopkigoog.crt -url http://ocsp.pki.goog/GTSGIAG3 -CAfile gtsrootr1.pem Error querying OCSP responder 77317:error:27075072:OCSP