Le 11/12/13 01:08, Kathleen Wilson a écrit :
Based on the list that Rob provided, there may be other domains that we
might consider including.
For example:
*.ac-martinique.fr
*.ac-creteil.fr
*.ac-orleans-tours.fr
*.education.fr
*.ac-poitiers.fr
As this list includes domains from the ministry
On Wed, Dec 11, 2013 at 1:49 AM, Samuel L samuel.la...@sealweb.eu wrote:
Le 11/12/13 01:08, Kathleen Wilson a écrit :
Based on the list that Rob provided, there may be other domains that we
might consider including.
For example:
*.ac-martinique.fr
*.ac-creteil.fr
*.ac-orleans-tours.fr
On 12/12/2013 12:31 AM, From Kathleen Wilson:
I understand that this is not fair to the CAs who have done a great
job of transitioning off of 1024-bit certs.
Right - potential customers knock at various doors in respect to such
certificates and I believe to have given the right answers to
If you are granting more time, I have a whole bunch of customers who are not
happy about the 2013 cutoff. Extending it for some CAs is patently unfair
to those of us who have taken a hard stance on the deadline and not
requested extensions of time. If you are granting some CAs an extension,
On 11/12/13 14:31, Kathleen Wilson wrote:
There are a few cases where customers are asking CAs for more time to
transition off of their 1024-bit certificates.
What exactly are CAs asking for? Are they asking for permission to
continue issuing such certs? Or are they asking for permission to not
On Wed, Dec 11, 2013 at 2:48 PM, Jeremy Rowley
jeremy.row...@digicert.com wrote:
If you are granting more time, I have a whole bunch of customers who are not
happy about the 2013 cutoff. Extending it for some CAs is patently unfair
to those of us who have taken a hard stance on the deadline
On 10/12/13 06:20, Jan Schejbal wrote:
The third sub-ca cert (Subject AC DGTPE Signature Authentification)
includes a CRL DP for a CRL issued by sub-ca 2, validity 2011-09-09 to
2014-09-13. The CRL is empty.
Look again. It seems that it now contains 1106 certificates (!), with
widely varying
Well let's be clear about one thing: in Firefox land (as in others) there is no such thing as revocation; there is only changing the code.I think what Kathleen is saying is that starting Jan 1, Mozilla would like to take out the code supporting certs with small keys. What needs to be negotiated
On 12/11/13 2:55 PM, Gervase Markham wrote:
On 11/12/13 14:31, Kathleen Wilson wrote:
There are a few cases where customers are asking CAs for more time to
transition off of their 1024-bit certificates.
What exactly are CAs asking for? Are they asking for permission to
continue issuing such
The only criteria on the Webtrust BR audit
(http://www.webtrust.org/homepage-documents/item27839.aspx) is section 11.
Since the BRs will only apply to certificates issued since the last audit,
and the MS policy prohibited issuance after Dec 2010, there shouldn't be
many/any audits with a
10 matches
Mail list logo