Re: Are CAs required to update their CPS annually

2015-04-06 Thread Eugene
I have found four more CAs that are not compliant with this requirement: 1. Entrust: http://www.entrust.net/about/practices.cfm, last updated on Mar 4, 2014 2. Taiwan CA: https://www.twca.com.tw/Portal/english/coporate_profile/Repository.html, last updated on Jan 22, 2013 3. Trend Micro:

Re: Are CAs required to update their CPS annually

2015-04-06 Thread Bruce
On Monday, April 6, 2015 at 1:53:26 PM UTC-4, Eugene wrote: I have found four more CAs that are not compliant with this requirement: 1. Entrust: http://www.entrust.net/about/practices.cfm, last updated on Mar 4, 2014 2. Taiwan CA:

Re: Certinomis Request to Include Renewed Root

2015-04-06 Thread Kathleen Wilson
Certinomis has translated the following into English: AA AGENTS CA for AA Servers - (requirements for French Regulation and ETSI/TS 102 042 including BR-PTC) http://www.certinomis.fr/publi/rgs/DT-FL-1310-040-PC-AA-1.4-EN.pdf Easy CA for WebSSL - (requirements ETSI/TS 102 042 including BR-PTC)

Re: ODP: Re: Second Discussion of KIR S.A. Root Inclusion Request

2015-04-06 Thread Ryan Sleevi
On Fri, March 20, 2015 8:10 am, Certificates wrote: Hello, Thank you for your detailed second review. Please, find our answers below. Kathleen pointed out my original message was unclear, but I think it's fine to progress on this inclusion. While nothing prohibits OCSP nonces, I do hope

Re: Second Discussion of KIR S.A. Root Inclusion Request

2015-04-06 Thread Kathleen Wilson
On 2/9/15 1:08 PM, Kathleen Wilson wrote: Krajowa Izba Rozliczeniowa (KIR) S.A. has applied to include the SZAFIR ROOT CA root certificate and enable all three trust bits. The first discussion is here: https://groups.google.com/d/msg/mozilla.dev.security.policy/aNbK4zw_Zb8/ekmVXYXvfQ4J The

Re: Consequences of mis-issuance under CNNIC

2015-04-06 Thread Erwann Abalea
On Monday, April 6, 2015 at 17:29:00 UTC+2, Anonymous wrote: It would be very helpful if you could provide some evidence of this. Qihoo 360 is a browser member of the CABForum, the product treats certificate validation errors differently than other browsers, in a non secure way. But having

Re: Are CAs required to update their CPS annually

2015-04-06 Thread Mook
On 04/06/2015 01:43 PM, Eugene wrote: I just checked the CPS of Gandi and the CPS of PublicCA of Chunghwa Telecom, both published in 2009. They are indeed not compliant with the current BR: Gandi CA Certification Practice Statement section 6.3.2: The validity period of Gandi certificates

Re: Consequences of mis-issuance under CNNIC

2015-04-06 Thread Gervase Markham
On 05/04/15 13:12, Erwann Abalea wrote: It would be very helpful if you could provide some evidence of this. Qihoo 360 is a browser member of the CABForum, the product treats certificate validation errors differently than other browsers, in a non secure way. But having additional certificates

Re: Consequences of mis-issuance under CNNIC

2015-04-06 Thread Gervase Markham
On 03/04/15 01:46, Matt Palmer wrote: On the other hand, CNNIC's blog post suggests that they haven't. There's some serious cognitive dissonance going on here. Just to close this loop: CNNIC have now supplied us with a ZIP file of all their currently-valid issued certificates. Given that

Re: Are CAs required to update their CPS annually

2015-04-06 Thread Gervase Markham
On 04/04/15 04:20, Eugene wrote: According to the CA Baseline Requirements section 8.2.1, The CA SHALL develop, implement, enforce, and **annually update** a Certificate Policy and/or Certification Practice Statement that describes in detail how the CA implements the latest version of these

Re: Consequences of mis-issuance under CNNIC

2015-04-06 Thread Anonymous
It would be very helpful if you could provide some evidence of this. Qihoo 360 is a browser member of the CABForum, the product treats certificate validation errors differently than other browsers, in a non secure way. But having additional certificates installed which allow MITM is a different

Re: Are CAs required to update their CPS annually

2015-04-06 Thread Eugene
Thanks! Yes, I think it is a required item in webtrust audit as well. But, for example, Google's CPS was updated on Sept 2, 2013, so Google should have its CPS updated by Sept 2, 2014. Right? But its audit report states during the period October 1, 2013 through September 30, 2014 [...] The