Re: CA Validation quality is failing

2017-04-27 Thread Gervase Markham via dev-security-policy
On 27/04/17 00:16, Jeremy Rowley wrote: > We also started the revocation process for the 500 certificates > containing meta-data. However, we wanted to ask about the 1000 > certificates containing data indicating the field was not applicable. > We recognize these were not properly issued, but I am

RE: Symantec Conclusions and Next Steps

2017-04-27 Thread Richard Wang via dev-security-policy
I like to share the experience we suffered from distrust, it is disastrous for CA and its customers to replace the certificate that exceed your imagination that we are still working for this since October 2016 that nearly six months now. Due to the quantity of Symantec customers is more than Wo

Re: Symantec Conclusions and Next Steps

2017-04-27 Thread Rob Stradling via dev-security-policy
On 26/04/17 21:21, Rob Stradling via dev-security-policy wrote: (Note: A few of the non-Symantec entries currently listed by https://crt.sh/mozilla-disclosures#undisclosed are false positives, I think. It looks like Kathleen has marked some roots as "Removed" on CCADB ahead of the corresponding

Re: [EXT] Re: Questions for Symantec

2017-04-27 Thread Gervase Markham via dev-security-policy
On 21/04/17 18:19, Eric Mill wrote: > The FPKI cross-signs at issue in Issue L are now expired (and so don't show > on the links above). They do show when expired certificates are included -- > there are 6 of them with OU=FPKI: > https://crt.sh/?Identity=%25&iCAID=1384 > > Each of those certificat

RE: Symantec Conclusions and Next Steps

2017-04-27 Thread Inigo Barreira via dev-security-policy
Good to know that our new certs are there :-) Regarding StartCom, these are the new certs we've generated and will be used to apply for inclusion in the Mozilla root program. Nothing to disclose at the moment I guess. We've not been audited yet nor applied. Best regards Iñigo Barreira CEO StartCo

Re: Symantec Conclusions and Next Steps

2017-04-27 Thread Rob Stradling via dev-security-policy
On 27/04/17 11:56, Inigo Barreira wrote: Good to know that our new certs are there :-) Regarding StartCom, these are the new certs we've generated and will be used to apply for inclusion in the Mozilla root program. Nothing to disclose at the moment I guess. We've not been audited yet nor applied

RE: Symantec Conclusions and Next Steps

2017-04-27 Thread Inigo Barreira via dev-security-policy
No problem at all. I thought that while distrusted no needed to follow nor update the CCADB. Will do asap. Best regards Iñigo Barreira CEO StartCom CA Limited -Original Message- From: Rob Stradling [mailto:rob.stradl...@comodo.com] Sent: jueves, 27 de abril de 2017 13:08 To: Inigo Barr

Re: Symantec Conclusions and Next Steps

2017-04-27 Thread wizard--- via dev-security-policy
I don't know about others, but I am quite disappointed by Symantec's proposed remediation plan. Intentional or not, this response seems to indicate they don't really understand the potential consequences of many of their past actions. Essentially, they promise to: 1) Have a third party audit

Re: [EXT] Re: Questions for Symantec

2017-04-27 Thread Ryan Sleevi via dev-security-policy
On Thu, Apr 27, 2017 at 6:50 AM, Gervase Markham via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On 21/04/17 18:19, Eric Mill wrote: > > The FPKI cross-signs at issue in Issue L are now expired (and so don't > show > > on the links above). They do show when expired certif

Re: Symantec Conclusions and Next Steps

2017-04-27 Thread Ryan Sleevi via dev-security-policy
Hi Richard, On Thu, Apr 27, 2017 at 6:13 AM, Richard Wang via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > I like to share the experience we suffered from distrust, it is disastrous > for CA and its customers to replace the certificate that exceed your > imagination that

Certigna Root Renewal Request

2017-04-27 Thread awu--- via dev-security-policy
This request from the Dhimyotis/Certigna is to include the SHA-256 ‘Certigna Root CA’ certificate and turn on the Websites and Email trust bits. This root certificate will eventually replace the SHA-1 ‘Certigna’ root certificate that was included via Bugzilla #393166. Dhimyotis, the name of th

Google's past discussions with Symantec

2017-04-27 Thread Ryan Sleevi via dev-security-policy
(Wearing a Google Hat, if only to share what has transpired) Symantec has recently shared in https://www.symantec.com/connect/blogs/symantec-ca-proposal , as well as https://groups.google.com/d/msg/mozilla.dev.security.policy/LRvzF2ZPyeM/OpvBXviOAQAJ , a plan for what they believe is an appropri

Re: Google's past discussions with Symantec

2017-04-27 Thread Jakob Bohm via dev-security-policy
Note that according to the below post, the one thing Symantec has not decided to obey Google on is a request to completely stop operating as a CA, except in name and a few minor related aspects. This was the final, microscopic, out offered to WoSign after they completely and deliberately deceived

RE: Symantec Conclusions and Next Steps

2017-04-27 Thread Jeremy Rowley via dev-security-policy
Your post made me realize that we never publicly posted the status of these last few CAs. Sorry about that. Here's the plan: 1. ABB - ABB was supposed to be technically constrained (and is restricted to certain names). However, the technical constraints were added incorrectly and didn't exclude I

Re: Symantec Conclusions and Next Steps

2017-04-27 Thread Alex Gaynor via dev-security-policy
On Thu, Apr 27, 2017 at 3:52 PM, Jeremy Rowley via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > Your post made me realize that we never publicly posted the status of these > last few CAs. Sorry about that. Here's the plan: > > 1. ABB - ABB was supposed to be technically c

RE: Symantec Conclusions and Next Steps

2017-04-27 Thread Jeremy Rowley via dev-security-policy
Thanks Alex. Greatly appreciated. From: Alex Gaynor [mailto:agay...@mozilla.com] Sent: Thursday, April 27, 2017 2:05 PM To: Jeremy Rowley Cc: Rob Stradling ; mozilla-dev-security-policy Subject: Re: Symantec Conclusions and Next Steps On Thu, Apr 27, 2017 at 3:52 PM, Jeremy Rowley via