RE: IP Validation using method 3.2.2.5 (4) "any other method"

Good point. If you want your method preserved, please send it to one of the CA/Browser forum lists. -Tim From: Ryan Sleevi [mailto:r...@sleevi.com] Sent: Tuesday, January 30, 2018 8:46 AM To: Tim Hollebeek Cc: mozilla-dev-security-policy

Re: IP Validation using method 3.2.2.5 (4) "any other method"

On Tue, Jan 30, 2018 at 10:37 AM, Tim Hollebeek via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > > > I'm sending this to this list because CAs are required to monitor this > list, > and I need to get feedback from smaller and more obscure CAs. > > > > The validation

IP Validation using method 3.2.2.5 (4) "any other method"

I'm sending this to this list because CAs are required to monitor this list, and I need to get feedback from smaller and more obscure CAs. The validation working group is thinking about proposing removal of 3.2.2.5 (4) in the near future. If you are currently using that method to validate

Re: ccadb.org

On 30/01/18 00:48, James Burton wrote: > I was doing research on the ccadb.org site and was surprised to find that > the site is running only in HTTP and is not using HTTPS. Now, I understand > that GitHub pages don't support HTTPS for custom domains but you could > always use CloudFlare for HTTPS

Re: Updating Root Inclusion Criteria

On Fri, Jan 19, 2018 at 3:04 AM, Gervase Markham via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On 18/01/18 14:24, Ryan Sleevi wrote: > > Isn't this effectively the VISA situation? When were their first audits - > > late 2016 / early 2017? > > I'm not certain; I'll ask

Re: Updating Root Inclusion Criteria

I would like to thank everyone for your constructive input on this topic. At the outset I stated a desire to ‘establish some objective criteria that can be measured and applied fairly’. While some suggestions have been made, no clear set of criteria has emerged. At the same time, we’ve heard the