It seems to me that this discussion has veered away from the original
question, which was seeking consent to "experiment" with logotypes in
publicly-trusted certificates. I don't think there is much doubt that RFC
3709 has been and can be implemented, and as pointed out, it can be tested
in
I have to rebut the idea that revoking trust is an adequate -- let alone
an "essentially absolute" -- recourse for a CA's abuse of its authority.
The fact is that an abusive CA can cause unwanted (and potentially
harmful) code and data to be injected into -- and personal data to be
In fairness, I think Mozilla essentially stipulated that this reason was
given little or no weight in the decision.
Specifically Wayne Thayer noted at [1]:
Some of this discussion has revolved around compliance issues, the most
prominent one being the serial number entropy violations discovered
Hi Kathleen and community,
I understand that you've made a decision w/r/t the DarkMatter CA matters
and am not writing to challenge or attempt influence on those.
I'm responding here only in so far as that you were "intrigued" by my
comments analogizing Mozilla Root Trust store decisioning to
I think it's interesting how one of the main technical arguments for
denying DarkMatter's root inclusion request -- the misissuance of
certificates with 63-bit identifiers instead of 64-bit identifiers, also
affected Google, Apple and Godaddy, and to a much greater extent:
On 7/16/19 12:25 PM, Kurt Roeckx wrote:
On Tue, Jul 16, 2019 at 12:12:57PM -0700, Kathleen Wilson via
dev-security-policy wrote:
Mozilla: Overdue Audit Statements
CA Owner: LuxTrust
Standard Audit Period End Date: 2018-03-30
For the overdue statements, I always see a comment, ussually
On Tue, Jul 16, 2019 at 12:12:57PM -0700, Kathleen Wilson via
dev-security-policy wrote:
> Mozilla: Overdue Audit Statements
> CA Owner: LuxTrust
> Root Certificates:
>LuxTrust Global Root 2
> Standard Audit:
> https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
>
Message Body (6 of 6) APPEAL TO MOZILLA FOUNDATION BOARD OF DIRECTORS
1) Violation of Anti-Trust Laws:
The Module Owner’s discretionary decision, when taken into context with the
comments of other Mozilla Peers employed by other Browsers and/or competing
Certificate Authorities, are intended
Forwarded Message
Subject: Summary of July 2019 Audit Reminder Emails
Date: Tue, 16 Jul 2019 19:00:29 + (GMT)
Mozilla: Overdue Audit Statements
CA Owner: LuxTrust
Root Certificates:
LuxTrust Global Root 2
Standard Audit:
Message Body (5 of 6) APPEAL TO MOZILLA FOUNDATION BOARD OF DIRECTORS
1) Erroneous Legal Conclusions:
The Module Owner’s discretionary decision was guided by an erroneous legal
conclusion, when he determined that the legal ownership structure of the
Applicants was insufficient to allow them to
Message Body (4 of 6) APPEAL TO MOZILLA FOUNDATION BOARD OF DIRECTORS
1) Discriminatory Practices;
The Module Owner conducted his decision making process, and allowed the
distrust discussion to proceed, in a manner contrary to the Mozilla Foundation
commitment to an “Internet that includes all
Message Body (3 of 6) APPEAL TO MOZILLA FOUNDATION BOARD OF DIRECTORS
1) Abuse of Discretionary Power:
The Module Owner’s failure to consider relevant factors that should have been
given significant, or equal weight, and deliberate mischaracterizations of
facts intended to inflate the
Message Body (2 of 6) APPEAL TO MOZILLA FOUNDATION BOARD OF DIRECTORS
2) Procedural Fairness/Bias:
The Module Owner’s decision making activities, and the supporting actions of
other Mozilla staff, were not procedurally fair, transparent, absent of bias,
nor made in good-faith.
a) The
Message Body (1 of 6) APPEAL TO MOZILLA FOUNDATION BOARD OF DIRECTORS
Mozilla Foundation Board of Directors
Attention: Mitchell Baker, Executive Chairwoman
Mozilla Corporation
Attention: Chris Beard, CEO
Attention: Denelle Dixon-Thayer, General Counsel
July 16, 2019
Mozilla CA Certificate
A formal appeal has been filed with the Mozilla Foundation Board of Directors.
In the spirit of transparency, we will be posting the contents of the Appeal to
this forum in six (6) separate messages.
Benjamin Gabriel
Benjamin Gabriel | General Counsel & SVP Legal
Tel: +971 2 417 1417 |
All,
Thanks again to all of you who have been providing thoughtful and
constructive input into this discussion. As I previously indicated [1],
this has been a difficult decision to make. I have been carefully
reading and contemplating the input that you all have been providing in
this forum.
16 matches
Mail list logo
