Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-12-16 Thread Charles Reiss
On 12/15/15 01:48, Peter Bowen wrote: > On Mon, Dec 14, 2015 at 5:39 PM, Kathleen Wilson wrote: >> >> Another thing to consider in updating the policy is in regards to test >> certificates versus certificates issued to customers. >> e.g. Does the disclosure need to happen before test certificates

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-12-14 Thread Peter Bowen
On Mon, Dec 14, 2015 at 5:39 PM, Kathleen Wilson wrote: > > Another thing to consider in updating the policy is in regards to test > certificates versus certificates issued to customers. > e.g. Does the disclosure need to happen before test certificates are issued? > Or does the disclosure just ne

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-12-14 Thread Kathleen Wilson
On 11/3/15 4:24 PM, Kathleen Wilson wrote: Topic to discuss [1]: “(D3) Make the timeline clear about when the audit statements and disclosure has to happen for new audited/disclosed subCAs. Section 10 of the Inclusion Policy says: https://www.mozilla.org/en-US/about/governance/policies/security-

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-12-03 Thread Kathleen Wilson
On 12/3/15 11:34 AM, Peter Bowen wrote: Agreed. However it does raise the question of whether the Mozilla policy should be: 1) All certificates with CA:TRUE must be disclosed or 2) All certificates with CA:TRUE must be disclosed except: - certificates that meet the technically constrained defi

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-12-03 Thread Peter Bowen
On Thu, Dec 3, 2015 at 11:17 AM, Kathleen Wilson wrote: > On 12/3/15 11:04 AM, Peter Bowen wrote: >> >> On Thu, Dec 3, 2015 at 10:31 AM, Kathleen Wilson >> wrote: On 23/11/15 15:57, Peter Bowen wrote: > > > I realize that Mozilla carved out allowance for not disclosing, but

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-12-03 Thread Kathleen Wilson
On 12/3/15 11:04 AM, Peter Bowen wrote: On Thu, Dec 3, 2015 at 10:31 AM, Kathleen Wilson wrote: On 23/11/15 15:57, Peter Bowen wrote: I realize that Mozilla carved out allowance for not disclosing, but the CA/Browser Forum did not adopt this, instead only exempting technically constrained CA

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-12-03 Thread Peter Bowen
On Thu, Dec 3, 2015 at 10:31 AM, Kathleen Wilson wrote: >> On 23/11/15 15:57, Peter Bowen wrote: >>> >>> I realize that Mozilla carved out allowance for not disclosing, but >>> the CA/Browser Forum did not adopt this, instead only exempting >>> technically constrained CAs from the audit requireme

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-12-03 Thread Kathleen Wilson
On 23/11/15 15:57, Peter Bowen wrote: I realize that Mozilla carved out allowance for not disclosing, but the CA/Browser Forum did not adopt this, instead only exempting technically constrained CAs from the audit requirement. Maybe this is a place where the Mozilla policy can be aligned with the BR

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-12-03 Thread Gervase Markham
On 23/11/15 15:57, Peter Bowen wrote: > I realize that Mozilla carved out allowance for not disclosing, but > the CA/Browser Forum did not adopt this, instead only exempting > technically constrained CAs from the audit requirement. Maybe this is > a place where the Mozilla policy can be aligned with

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-23 Thread Peter Bowen
On Tue, Nov 3, 2015 at 4:24 PM, Kathleen Wilson wrote: > Topic to discuss [1]: > “(D3) Make the timeline clear about when the audit statements and disclosure > has to happen for new audited/disclosed subCAs. > > What further clarification needs to be added to Mozilla’s CA Certificate > Policy to m

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-20 Thread David E. Ross
On 11/20/2015 12:33 PM, Peter Bowen wrote [in part]: > It would be good to clarify whether "subordinate CA" means the > operator of the subordinate CA (a company or individual) or if it > means the CA itself (e.g. the tuple of keypair and distinguished > name). This reflects the too casual use of

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-20 Thread Charles Reiss
On 11/19/15 23:09, Kathleen Wilson wrote: > By the time version 2.3 of Mozilla’s CA Cert Policy is published, I hope to > have > issued a CA Community License to every included CA. Taking that into > consideration; I propose changing the policy as follows. > [snip] > > As always, I will apprecia

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-20 Thread Peter Bowen
On Tue, Nov 3, 2015 at 4:24 PM, Kathleen Wilson wrote: > Topic to discuss [1]: > “(D3) Make the timeline clear about when the audit statements and disclosure > has to happen for new audited/disclosed subCAs. > > Section 10 of the Inclusion Policy says: > https://www.mozilla.org/en-US/about/governa

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-20 Thread Gervase Markham
On 19/11/15 23:09, Kathleen Wilson wrote: > “10. … The CA with a certificate included in Mozilla’s CA Certificate > Program MUST disclose this information *in the CA Community in > Salesforce* <https://wiki.mozilla.org/CA:SalesforceCommunity> > before any such subordinate CA is allowed to issue cert

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-19 Thread Kathleen Wilson
By the time version 2.3 of Mozilla’s CA Cert Policy is published, I hope to have issued a CA Community License to every included CA. Taking that into consideration; I propose changing the policy as follows. https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/incl

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-05 Thread Ryan Sleevi
On Thu, November 5, 2015 12:51 pm, Charles Reiss wrote: > My impression is that Mozilla need not be explicitly notified of new > subCAs; the > disclosure may take the form of an update on the CA's website (perhaps > even just > a new version of the CPS). If so, this would seem to make it diffi

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-05 Thread Charles Reiss
On 11/04/15 00:24, Kathleen Wilson wrote: > Topic to discuss [1]: > “(D3) Make the timeline clear about when the audit statements and disclosure > has > to happen for new audited/disclosed subCAs. > > Section 10 of the Inclusion Policy says: > https://www.mozilla.org/en-US/about/governance/polici

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-05 Thread Kathleen Wilson
On 11/3/15 7:09 PM, Ryan Sleevi wrote: On Tue, November 3, 2015 4:24 pm, Kathleen Wilson wrote: Topic to discuss [1]: (D3) Make the timeline clear about when the audit statements and disclosure has to happen for new audited/disclosed subCAs. What further clarification needs to be adde

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-03 Thread Ryan Sleevi
On Tue, November 3, 2015 4:24 pm, Kathleen Wilson wrote: > Topic to discuss [1]: > “(D3) Make the timeline clear about when the audit statements and > disclosure has to happen for new audited/disclosed subCAs. > What further clarification needs to be added to Mozilla’s CA Certificate > Po

Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-03 Thread Kathleen Wilson
Topic to discuss [1]: “(D3) Make the timeline clear about when the audit statements and disclosure has to happen for new audited/disclosed subCAs. Section 10 of the Inclusion Policy says: https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/ “The CA with