On 5/15/20, Peter Gutmann via dev-security-policy
wrote:
> Hanno Böck writes:
>
>>The impact it had was a monitoring system that checked whether the
>>certificate of a host was okay, using gnutls-cli with ocsp enabled (which
>>also uncovered a somewhat unexpected inconsistency in how the gnutls
On 12/29/18, Ryan Sleevi wrote:
> On Sat, Dec 29, 2018 at 10:24 AM Lee wrote:
>
>> > It does not seem like a productive discussion will emerge if the
>> > ontology
>> > is going to be honest/dishonest participants.
>>
>> I think it's an excellent distinction. An honest subscriber won't
>>
On 12/29/18, Ryan Sleevi via dev-security-policy
wrote:
> On Fri, Dec 28, 2018 at 11:21 PM Jakob Bohm via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> > My guess is all CAs have something like
>> >https://www.digicert.com/certificate-terms/
>> > 15. Certificate
On 12/28/18, Jakob Bohm via dev-security-policy
wrote:
> On 28/12/2018 19:44, Lee wrote:
>> On 12/27/18, Jakob Bohm via dev-security-policy
>> wrote:
>>> Looking at the BRs, specifically BR 4.9.1, the reasons that can lead
>>> to fast revocation fall into a few categories / groups:
>> <..
On 12/27/18, Jakob Bohm via dev-security-policy
wrote:
> Looking at the BRs, specifically BR 4.9.1, the reasons that can lead
> to fast revocation fall into a few categories / groups:
<.. snip ..>
> So absent a bad CA, I wonder where there is a rule that subscribers
> should be ready to
On 6/1/18, Ryan Sleevi wrote:
> On Fri, Jun 1, 2018 at 9:14 AM, Peter Kurrasch wrote:
>
>> Security can be viewed as a series of AND's that must be satisfied in
>> order to conclude "you are probably secure". For example, when you browse
>> to an important website, make sure that "https" is used
What's it going to take for mozilla to set up near real-time
monitoring/auditing of certs showing up in ct logs?
Lee
On 8/9/17, Alex Gaynor via dev-security-policy
wrote:
> (Whoops, accidentally originally CC'd to m.d.s originally! Original mail
> was to
On 8/9/17, Eric Mill wrote:
> On Wed, Aug 9, 2017 at 4:28 PM, Lee wrote:
>
>> On 8/9/17, Eric Mill via dev-security-policy
>> wrote:
>> > On Tue, Aug 8, 2017 at 5:53 PM, identrust--- via dev-security-policy <
>> >
On 8/9/17, Eric Mill via dev-security-policy
wrote:
> On Tue, Aug 8, 2017 at 5:53 PM, identrust--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> On Tuesday, August 8, 2017 at 12:06:47 PM UTC-4, Jonathan Rudenberg wrote:
>> >
On 6/20/17, mfisch--- via dev-security-policy
wrote:
> On Monday, June 19, 2017 at 7:37:23 PM UTC-4, Matt Palmer wrote:
>> On Sun, Jun 18, 2017 at 08:17:07AM -0700, troy.fridley--- via
>> dev-security-policy wrote:
>> > If you should find such an issue again
On 5/1/17, Ryan Sleevi <r...@sleevi.com> wrote:
> On Mon, May 1, 2017 at 1:53 PM, Lee via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> On 5/1/17, Gervase Markham via dev-security-policy
>> <dev-security-policy@lists.mozilla.org>
On 5/1/17, Gervase Markham via dev-security-policy
wrote:
> The last CA Communication laid down our policy of only permitting the 10
> Blessed Methods of domain validation. A CA Communication is an official
> vehicle for Mozilla Policy so this is now policy,
12 matches
Mail list logo