Re: DarkMatter Concerns

2019-03-07 Thread Kristian Fiskerstrand via dev-security-policy
ocally by choice, as its citizens are more likely to accept the local laws as they are governed by them already. Trust is ultimately a subjective consideration, and no list of requirement can ever be the full set of requirement, as any system based on such a method can and will be gamed. -- Kristi

Re: Disallowed company name

2018-05-31 Thread Kristian Fiskerstrand via dev-security-policy
On 06/01/2018 12:14 AM, Matthew Hardeman via dev-security-policy wrote: > On Thu, May 31, 2018 at 5:03 PM, Kristian Fiskerstrand > wrote: > >> >> New business enterprise name: ';UPDATE TAXRATE SET RATE = 0 WHERE NAME = >> 'EDVIN SYSE' >> >>

Re: Disallowed company name

2018-05-31 Thread Kristian Fiskerstrand via dev-security-policy
iness registry that they were requested to change the name... -- Kristian Fiskerstrand OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 signature.asc Description: OpenPGP digital signature ___

Re: Policy 2.6 Proposal: Require CAs to support problem reports via email

2018-04-19 Thread Kristian Fiskerstrand via dev-security-policy
ument is actually security. Given that most users (sadly) still don't use OpenPGP or S/MIME, a web form allows encrypted submissions. -- Kristian Fiskerstrand OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 signature.asc Description:

Re: On the value of EV

2017-12-12 Thread Kristian Fiskerstrand via dev-security-policy
therefore try to strengthen the CA ecosystem as a whole and not > try to make any "special" certificates. For what it is worth, I'm also supporting removal of special UI elements for EV certificates. Users tends to be easily swayed one way or the other, and if it is to have any v

Re: Certificate incident: private key leaked for wildcard certificate for *.sandbox.operations.dynamics.com

2017-12-09 Thread Kristian Fiskerstrand via dev-security-policy
be useful to establish a practice of including such contact information in the certificate itself, e.g. requiring a URI in some standardized key containing the contact point? -- Kristian Fiskerstrand OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60

Re: BR compliance of legacy certs at root inclusion time

2017-08-18 Thread Kristian Fiskerstrand via dev-security-policy
above seems mitigated D) something else? Yes please -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 -

Re: Cerificate Concern about Cloudflare's DNS

2016-11-02 Thread Kristian Fiskerstrand
provider, and not a CA matter. -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60