On Thu, Mar 29, 2018 at 4:57 PM, Wayne Thayer wrote:
> On Thu, Mar 29, 2018 at 8:57 AM, Ryan Sleevi wrote:
>
>>
>> I'm not fully sure I understand the proposal here.
>>
>> I would think that, for all roots created since 2012, the expectation
>>
> is that
On Thu, Mar 29, 2018 at 4:03 PM, Wayne Thayer wrote:
> On Thu, Mar 29, 2018 at 8:53 AM, Ryan Sleevi wrote:
>
>>
>> On Mon, Mar 26, 2018 at 3:46 PM, Wayne Thayer via dev-security-policy <
>> dev-security-policy@lists.mozilla.org> wrote:
>>
>>> When the
On Thu, Mar 29, 2018 at 8:57 AM, Ryan Sleevi wrote:
>
> I'm not fully sure I understand the proposal here.
>
> I would think that, for all roots created since 2012, the expectation
>
is that there is an unbroken series of audits, going from a Point in Time
> audit (of the
On Thu, Mar 29, 2018 at 8:53 AM, Ryan Sleevi wrote:
>
> On Mon, Mar 26, 2018 at 3:46 PM, Wayne Thayer via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> When the Francisco Partners acquisition of Comodo was announced, it was
>> pointed out [1] that a
On Thu, Mar 29, 2018 at 2:46 PM, Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Thanks everyone for your input on this topic. I'm hearing consensus that we
> should not require a newly issued subordinate CA certificate to appear on
> an audit statement
On Fri, Mar 23, 2018 at 6:22 PM, Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> I've drafted these changes:
> https://github.com/mozilla/pkipolicy/commit/e5269ff0d6ced93a6c6af65947712b
> 8e4b2e18b8
>
> On Tue, Mar 20, 2018 at 9:57 AM, Tim Hollebeek
On Mon, Mar 26, 2018 at 3:06 PM, Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Mozilla began requiring BR audits for roots in our program in 2013 [1], but
> we have a vague policy statement in section 3.1 regarding audit
> requirements prior to inclusion:
On Mon, Mar 26, 2018 at 3:46 PM, Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> When the Francisco Partners acquisition of Comodo was announced, it was
> pointed out [1] that a strict reading of the current policy section 8.1
> would have forced Comodo to
8 matches
Mail list logo