Thank you, Ryan, for providing this very helpful information.
## What does this mean for the CA Certificates Module?
Since 2015, I’ve been a Module Peer of the CA Certificates Module [1]. My
role has been to support Kathleen and Ben, and previously also Wayne and
Gerv, in performing detailed C
Writing in a Google capacity (See
https://wiki.mozilla.org/CA/Policy_Participants )
Recently, at the CA/Browser Forum 51 “virtual F2F” [1], the Chrome team
shared an announcement about a revamp to the Chrome Root Program, including
an updated policy available at https://g.co/chrome/root-policy, as
Matthias,
Have you been able to obtain the CPS downloadable from here:
https://www.sede.fnmt.gob.es/en/dpcs/ac-servidores-seguros-tipo-1 or
here: https://www.sede.fnmt.gob.es/en/dpcs/ac-servidores-seguros-tipo-2
? (They both lead to the same CPS v. 1.6 document.)
Ben
On Wed, Dec 2, 2020 at 7:15
All,
I have started a similar, simultaneous discussion with the CA/Browser
Forum, in order to gain traction.
https://lists.cabforum.org/pipermail/servercert-wg/2020-December/002382.html
Ben
On Wed, Dec 2, 2020 at 2:49 PM Jeremy Rowley
wrote:
> Should this limit on reuse also apply to s/MIME?
Should this limit on reuse also apply to s/MIME? Right now, the 825 day limit
in Mozilla policy only applies to TLS certs with email verification of s/MIME
being allowed for infinity time. The first draft of the language looked like
it may change this while the newer language puts back the TLS
One potential approach would be to make it so that issuances after July 1,
2021 require a validation no more than 398 days old. The currently-proposed
wording ("verify that each dNSName or IPAddress is current and correct at
intervals of 398 days or less") lends itself to that interpretation, it
ju
See my responses inline below.
On Tue, Dec 1, 2020 at 1:34 PM Ryan Sleevi wrote:
>
>
> On Tue, Dec 1, 2020 at 2:22 PM Ben Wilson via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> See responses inline below:
>>
>> On Tue, Dec 1, 2020 at 11:40 AM Doug Beattie > >
>> wr
Hi Corey,
From Apple’s perspective, the desire was first to have the field added to
CCADB. From here, we’re planning on sending out a CA Communication notifying
CAs that the field is available and requesting that CAs populate it. We are
considering a requirement that Full CRLs be made available
On Fri, 27 Nov 2020 at 11:19, Santiago Brox via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
>
> El jueves, 19 de noviembre de 2020 a las 0:47:03 UTC+1, Matthias van de
Meent escribió:
> > On Wed, 18 Nov 2020, 01:06 Ben Wilson via dev-security-policy,
> > wrote:
> > >
> > >
9 matches
Mail list logo