Hi Gervase,
On Monday, December 5, 2016 at 9:00:53 PM UTC+8, Gervase Markham wrote:
> On 04/12/16 08:17, Wen-Cheng Wang wrote:
> > You are wight, there are several subordinate CAs under our Government
> > Root CA. Our Government Root CA and all its subordinate have WebTrust
> > for CA audits. Howe
On 04/12/2016 06:00, capuchin...@gmail.com wrote:
Jakob Bohm於 2016年12月4日星期日 UTC+8上午1時23分16秒寫道:
You have made a fundamental technical mistake.
I do not understand that why do you said that we made a fundamental technical
mistake? As I had participated in drafting RFC 5280, I am sure that our
Sorry, we don't have deadline.
And no plan to close it in PKI side, we keep the right to active it at any
time, and we can issue this free SSL certificate for subscribers at any time if
customers need it.
Best Regards,
Richard
> On 6 Dec 2016, at 07:49, Percy wrote:
>
> When I was trying to
When I was trying to inform Apple to put a time constrain on the intermediate
CA, you implied such constrain not necessary because no new certs will be
issued. Clearly, you know already that the users can still get certs from
reseller and potentially abuse it due to all the control failures inve
We checked our system, this order is from one of the reseller. We have many
resellers that used the API, we noticed all resellers to close the free SSL,
but they need some time to update the system.
The most important thing is this certificate is issued by proper way that this
subscriber finishe
在 2016年12月5日星期一 UTC+8下午9:06:13,lslqtz写道:
> Certificate:
> -BEGIN CERTIFICATE-
> MIIFwTCCBKmgAwIBAgIQH6W3+xfuFD8074LcZJFjLjANBgkqhkiG9w0BAQsFADBP
> MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxJDAiBgNV
> BAMMG0NBIOayg+mAmuWFjei0uVNTTOivgeS5piBHMjAeFw0xNjEyMDUwNTU4NDJa
> Fw0xNzEyMD
WoSign is actively deceiving this community again.
In Nov. 13th, in the thread Apple's response to the WoSign incidents, I stated
that "CA 沃通免费SSL证书 G2", the intermediate CA of this certificate should be time
constrained by Apple. But Richard stated that "WoSign stopped to issue free SSL
certi
lslqtz,
How did you obtain this certificate from WoSign? Through the public website or
some other means?
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
On the WoSign website https://buy.wosign.com/free/?lan=en , it clearly states
that "Sorry, due to some security consideration,
WoSign decide to close the free SSL certificate application temporarily. Sept.
29th 2016."
___
dev-security-policy mailing li
Gervase Markham wrote:
> On 04/12/16 19:11, Brian Smith wrote:
> > If certificates without an EKU have dNSName or iPAddress subjectAltName
> > entries, then they should be considered in scope. Otherwise they don't
> need
> > to be considered in scope as long as Firefox doesn't use the Subject CN
This is not a issue.
You finished the domain validation that we can issue the cert.
Best Regards,
Richard
> On 5 Dec 2016, at 21:05, lslqtz wrote:
>
> Certificate:
> -BEGIN CERTIFICATE-
> MIIFwTCCBKmgAwIBAgIQH6W3+xfuFD8074LcZJFjLjANBgkqhkiG9w0BAQsFADBP
> MQswCQYDVQQGEwJDTjEaMBgGA1UEChM
On 04/12/16 19:11, Brian Smith wrote:
> If certificates without an EKU have dNSName or iPAddress subjectAltName
> entries, then they should be considered in scope. Otherwise they don't need
> to be considered in scope as long as Firefox doesn't use the Subject CN as
> a dNSName. You've already star
Certificate:
-BEGIN CERTIFICATE-
MIIFwTCCBKmgAwIBAgIQH6W3+xfuFD8074LcZJFjLjANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxJDAiBgNV
BAMMG0NBIOayg+mAmuWFjei0uVNTTOivgeS5piBHMjAeFw0xNjEyMDUwNTU4NDJa
Fw0xNzEyMDUwNTU4NDJaMCQxCzAJBgNVBAYTAkNOMRUwEwYDVQQDDAxsb2xpd2l
On 04/12/16 08:17, Wen-Cheng Wang wrote:
> You are wight, there are several subordinate CAs under our Government
> Root CA. Our Government Root CA and all its subordinate have WebTrust
> for CA audits. However, among those subordinate CAs, only GCA will
> issue SSL certificates. Therefore, only Gov
14 matches
Mail list logo