Gervase Markham wrote:
> On 06/06/15 02:12, Brian Smith wrote:
> > Richard Barnes wrote:
> >
> >> Small CAs are a bad risk/reward trade-off.
> >
> > Why do CAs with small scope even get added to Mozilla's root program in
> the
> > first place? Why not just say "your scope is too limited to be wo
On 6/4/15 10:55 AM, Kathleen Wilson wrote:
WoSign has applied to include the "Certification Authority of WoSign G2"
and "CA WoSign ECC Root" root certificates, turn on all three trust bits
for both roots, and enable EV treatment for both roots. WoSign's
previous root certificates were included vi
On 5/22/15 2:15 PM, Kathleen Wilson wrote:
On 4/7/15 5:31 PM, Richard Barnes wrote:
As noted in our earlier conclusion with regard to CNNIC's status [1], the
CNNIC roots are currently in a partially disabled state, in which
certificates chaining to these roots are only to be accepted if they wer
I'm not clear on what Mozilla expects here when standing up a new
subordinate and disclosing it for the first time. Assuming the operator
has an audit program in place, it is possible that it will be 12+ months
until they have an opinion from their auditor that calls out the new
subordinate (11 m
On 16/06/15 02:54, Peter Bowen wrote:
> First, the policy says "All disclosure MUST be made freely available and
> without additional requirements, including, but not limited to,
> registration, legal agreements, or restrictions on redistribution of the
> certificates in whole or in part."
>
> If
5 matches
Mail list logo