On 10/04/2017 16:58, Steve Medin wrote:
Issue X: Incomplete RA Program Remediation (February - March 2017)
The only Symantec RAs capable of authorizing and issuing publicly trusted
SSL/TLS certificates are: CrossCert, Certisign, Certsuperior and Certisur.
Symantec continues to maintain a partn
On Monday, April 10, 2017 at 4:00:21 PM UTC+1, Steve Medin wrote:
> Issue X: Incomplete RA Program Remediation (February - March 2017)
>
> The only Symantec RAs capable of authorizing and issuing publicly trusted
> SSL/TLS certificates are: CrossCert, Certisign, Certsuperior and Certisur.
> Syma
On 11/04/17 17:51, Ryan Sleevi wrote:
> Also, search SSL. Not TLS :)
Aha!
> Further, its CPS states
>
> "MSC Trustgate.com is a “Processing Center,” as described in CP §
> 1.1.2.1.2, which
> means MSC Trustgate.com has established a secure facility housing, among
> other
> things, CA systems, in
On Tue, Apr 11, 2017 at 12:33 PM, Gervase Markham via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
>
> E-Sign's CPS URL is given in its audit statement as:
> https://www.e-sign.cl/uploads/cps_esign_388.pdf
>
> Grepping that document for "TLS" gives no hits. Can you help me so
On 11/04/17 16:23, Ryan Sleevi wrote:
> The audits mention the CP/CPS has been evaluated as part of the scope of
> the audit.
Yep, OK.
> The CP/CPS mentions the issuance of TLS certificates as part of the
> hierarchy. For example,
>
> "E-Sign provides its services in accordance with its Certific
On Tue, Apr 11, 2017 at 6:21 AM, Gervase Markham via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Hi Ryan,
>
> On 10/04/17 17:20, Ryan Sleevi wrote:
> > 1) You stated that this partner program applies to non-TLS certificates.
> > The audit for both STN and for the RAs fail
Hi Ryan,
On 10/04/17 17:20, Ryan Sleevi wrote:
> 1) You stated that this partner program applies to non-TLS certificates.
> The audit for both STN and for the RAs fails to make this distinction. For
> example, audits are listed related to the issuance of of TLS certificates.
The audits linked to
Hi Steve,
Quick questions:
1) You stated that this partner program applies to non-TLS certificates.
The audit for both STN and for the RAs fails to make this distinction. For
example, audits are listed related to the issuance of of TLS certificates.
a) How do you explain this discrepancy?
b)
Issue X: Incomplete RA Program Remediation (February - March 2017)
The only Symantec RAs capable of authorizing and issuing publicly trusted
SSL/TLS certificates are: CrossCert, Certisign, Certsuperior and Certisur.
Symantec continues to maintain a partner program for non-TLS certificates.
E-Si
9 matches
Mail list logo