Hi everyone,
We've now worked our way through all 21 issues which were scheduled for
Mozilla CA Policy 2.4. You can see the current text here:
https://github.com/mozilla/pkipolicy/blob/master/rootstore/policy.md
https://github.com/mozilla/pkipolicy/blob/master/ccadb/policy.md
On 07/02/17 17:45, Gervase Markham wrote:
> We want to update the permitted algorithms and key sizes list.
Resolution: resolved as specced (using English descriptions rather than
AlgorithmIdentifiers).
Gerv
___
dev-security-policy mailing list
On 07/02/17 17:25, Gervase Markham wrote:
> Therefore, we would like to update Mozilla's CA policy to implement a
> "proper" SHA-1 ban.
Resolution: resolved pretty much as drafted.
Gerv
___
dev-security-policy mailing list
On 16/02/17 18:26, blake.mor...@trustis.com wrote:
> Trustis has now revoked the SHA-1 Certificate for hmrcset.trustis.com
> and replaced it with a SHA-256 Certificate. This status is reflected
> in the latest CRL.
Hi Blake,
We are pleased to hear that, but the detail of your report compares
Hi Stephen,
On 16/02/17 18:37, Stephen Davidson wrote:
> Incident Report
Thank you for your prompt and detailed incident report. It seems to me
that this highlights the particular extra care that needs to be taken by
all CAs regarding manual issuances which do not use the normal software
into
On 13/02/17 23:53, Wayne Thayer wrote:
> Gerv - this makes sense and it is GoDaddy's intent to perform these steps
> within 3 months.
No significant objections have been put forward about this action plan,
and so I have filed a Bugzilla bug to track GoDaddy's implementation:
6 matches
Mail list logo