Re: Criticism of Google Re: Google Trust Services roots

On 06/04/2017 23:49, Ryan Sleevi wrote: On Thu, Apr 6, 2017 at 1:42 PM, Jakob Bohm via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: Here are some ideas for reasonable new/enhanced policies (rough sketches to be discussed and honed before insertion into a future Mozilla

Re: Criticism of Google Re: Google Trust Services roots

On Thu, Apr 6, 2017 at 1:42 PM, Jakob Bohm via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > > Here are some ideas for reasonable new/enhanced policies (rough > sketches to be discussed and honed before insertion into a future > Mozilla policy version): > Are you

Re: Criticism of Google Re: Google Trust Services roots

Here are some ideas for reasonable new/enhanced policies (rough sketches to be discussed and honed before insertion into a future Mozilla policy version): 1. If a CA operator (the entity whose audits and statements ensures compliance with BR, CCADB, Mozilla, etc. policy requirements) ceases

Re: GlobalSign BR violation

On 04/04/2017 22:25, Doug Beattie wrote: -Original Message- From: dev-security-policy [mailto:dev-security-policy- bounces+doug.beattie=globalsign@lists.mozilla.org] On Behalf Of Nick Lamb via dev-security-policy I have a question: These certificates appear to be not only