Hi Arno,
Tools like https://github.com/alex/ct-tools or
https://github.com/grahamedgecombe/ct-submit can be used to manually submit
specific certificates to CT logs.
Alex
On Thu, Aug 17, 2017 at 9:07 AM, Arno Fiedler via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Am
Am Montag, 14. August 2017 18:44:59 UTC+2 schrieb Jonathan Rudenberg:
> Hi Arno and Martin,
>
> > On Aug 14, 2017, at 11:44, Arno Fiedler wrote:
> >
> > Dear Forum,
> >
> > since the 07-07-2017, all new issued D-TRUST TLS-Certificates have at least
> > 64 bits of
Am Dienstag, 15. August 2017 16:21:03 UTC+2 schrieb Gervase Markham:
> On 14/08/17 16:44, Arno Fiedler wrote:
> > fulfilled. On 20-07-17 Mozilla asked D-TRUST for clarification, due
> > to the holiday period this message reached us on 07-08-17, AF
> > answered on 08-08-17
>
> I was going to
On 14/08/17 16:44, Arno Fiedler wrote:
> fulfilled. On 20-07-17 Mozilla asked D-TRUST for clarification, due
> to the holiday period this message reached us on 07-08-17, AF
> answered on 08-08-17
I was going to complain about this but, re-reviewing the CCADB Common
Policy[0], it says:
Hi Arno, Martin,
On Mon, Aug 14, 2017 at 11:37 AM, Arno Fiedler via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> As result we confirm to do the following steps and report about the
> implementation latest until 15-09-2017
> • Contact all effected customers, inform
Hi Arno and Martin,
> On Aug 14, 2017, at 11:44, Arno Fiedler wrote:
>
> Dear Forum,
>
> since the 07-07-2017, all new issued D-TRUST TLS-Certificates have at least
> 64 bits of entropy in the serial number.
>
> Since 01-12-2016 D-TRUST TLS certificates requested
Dear Forum,
since the 07-07-2017, all new issued D-TRUST TLS-Certificates have at least 64
bits of entropy in the serial number.
Since 01-12-2016 D-TRUST TLS certificates requested via our enterprise platform
have a serial number which includes at least 64 bits of entropy. We informed
the
Dear Forum,
since the 07-07-2017, all new issued D-TRUST TLS-Certificates have at least 64
bits of entropy in the serial number.
Since 01-12-2016 D-TRUST TLS certificates requested via our enterprise platform
have a serial number which includes at least 64 bits of entropy. We informed
the
ity-pol...@lists.mozilla.org
Betreff: Re: Certificate issued by D-TRUST SSL Class 3 CA 1 2009 with
short SerialNumber
On Aug 8, 2017, at 08:58, Fiedler, Arno via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
Dear Mozilla Security Policy Community,
Thanks for the advic
> On Aug 10, 2017, at 07:55, Fiedler, Arno via dev-security-policy
> wrote:
>
> Hello Jonathan,
>
> the certificate has 64 bits of entropy in the "DNqualifier" field instead of
> the serial number field.
>
> Since 2012 we used this way of adding
en oder Kopieren dieser Mail
> nicht gestattet ist. Wenn Sie diese Mail irrtümlicherweise erhalten haben,
> informieren Sie uns bitte schnellstmöglich und löschen Sie bitte die Mail.
>
>
> -Ursprüngliche Nachricht-
> Von: Jonathan Rudenberg [mailto:jonat...@titanous.co
Hello Jonathan,
this certificate has 64 bits of entropy in the "DNqualifier" field instead of
the serial number field.
Since 2012 we used this way of adding random bits to certificates to mitigate
preimage attacks. From a security perspective the amount of Entropy in the
certificate should
> On Aug 8, 2017, at 08:58, Fiedler, Arno via dev-security-policy
> wrote:
>
> Dear Mozilla Security Policy Community,
>
> Thanks for the advice about the short serial numbers and apologies for the
> delayed response.
>
> Since 2016, all D-TRUST TLS
13 matches
Mail list logo