On Wed, May 13, 2020 at 9:00 PM Matt Palmer via dev-security-policy
wrote:
> On the contrary, unless there's an override of RFC5280 4.2.2.1 in the BRs
> that I can't find, the requirement of universal access does exist. RFC5280
> 4.2.2.1 says, in relevant part:
>
> "Where the information is avail
On Wed, May 13, 2020 at 08:28:03AM -0400, Ryan Sleevi wrote:
> On Tue, May 12, 2020 at 11:47 PM Matt Palmer via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
> > 1. As Hanno said, it's a public resource, and as such it should, in
> > general,
> > be available to the public.
On Wed, May 13, 2020 at 12:12 AM Peter Gutmann
wrote:
> Ryan Sleevi writes:
>
> >>Following up on this, would it be correct to assume that, since no-one
> has
> >>pointed out any impact that this had on anything, that it's more a
> >>certificational issue than anything with real-world consequenc
On Tue, May 12, 2020 at 11:47 PM Matt Palmer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Tue, May 12, 2020 at 11:37:23PM -0400, Ryan Sleevi wrote:
> > On Tue, May 12, 2020 at 10:30 PM Matt Palmer via dev-security-policy
> > wrote:
> > >
> > > On Tue, May 12, 2020
On Saturday, May 9, 2020 at 12:56:00 AM UTC+3, Wayne Thayer wrote:
> The ETSI audit attestation statement referenced by Ben [1] lists 6
> non-conformities that were to be corrected within 3 months of the onsite
> audit that occurred on 2020-02-10 until 2020-02-14:
>
> Findings with regard to ETSI
Update:
All 4 CAs have corrected the certs and are now serving DER
encoded intermediates at the URLs.
--
Hanno Böck
https://hboeck.de/
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-secu
6 matches
Mail list logo
