On Saturday, November 23, 2019 at 3:28:10 PM UTC-8, Matt Palmer wrote:
> [aside: this is how incident reports should be done, IMHO]
>
> On Fri, Nov 22, 2019 at 07:23:27PM -0800, Apple CA via dev-security-policy
> wrote:
> > We did not have an accurate understanding of how the vulnerability scanne
On 10/29/19 12:46 PM, Kathleen Wilson wrote:
When an intermediate certificate is not listed in all of the necessary
audit reports, it is a violation of Mozilla’s Root Store Policy and an
incident report[1] must be filed via a Bugzilla Bug which must list the
steps your CA is taking to resolve
I've given the new version [1] another review, updated a few links, and set
the effective date to 1-January 2020.
Unless there are new comments on this or any of the other changes [2], I
will have the new version published in the next few weeks. I'll also be
preparing a CA Communication to announc
On Mon, Nov 25, 2019 at 7:10 AM Bowen, James E. wrote:
> DHS is only using Mozilla’s trust store for determining trust. They are
> not using a government-based trust store.
>
>
>
> We talked to Entrust last week. Entrust was creating certificates with “
> entrust.net” as the old way. Recently,
4 matches
Mail list logo