> -Original Message-
> From: dev-security-policy [mailto:dev-security-policy-
> bounces+steve_medin=symantec@lists.mozilla.org] On Behalf Of
> Gervase Markham via dev-security-policy
> Sent: Monday, May 01, 2017 10:16 AM
> To: mozilla-dev-security-pol...@lists.mozilla.org
> Subject:
On Wed, May 3, 2017 at 10:52 AM, Kathleen Wilson via
dev-security-policy wrote:
> All,
>
> I think it is time for us to change the domains that we are using for the
> CCADB as follows.
>
> Change the links for...
>
> 1) CAs to login to the CCADB
> from
>
On Thursday, April 20, 2017 at 4:03:36 PM UTC+3, Gervase Markham wrote:
> Mozilla also doesn't believe that it's the job of CAs to police phishing
CAs should police as long as the browser gives positive reinforcement to the
end-users when they access a [phishing] site.
There were suggestions in
Gerv,
Regarding your understanding of the “First Chrome Proposal”, which seems to
have influenced your “Alternative” suggestions, some quick clarifications:
(Wearing a Chrome/Google hat here)
The first Chrome proposal was operating on the concern that a complete and
total removal of trust
Hi all,
This morning Symantec disclosed ~20 new intermediate certs. I went through
these and identified 7 of them which are a) not revoked, b) not expired, c)
lack a BR audit:
https://crt.sh/?q=54EFD2977D89EDE24DDC3797CEB5A80668B3905788B58FB1AC6893EF4B78A24A
On 01/05/2017 16:16, Gervase Markham wrote:
Here is my analysis and proposal for what actions the Mozilla CA
Certificates module owner should take in respect of Symantec.
https://docs.google.com/document/d/1RhDcwbMeqgE2Cb5e6xaPq-lUPmatQZwx3Sn2NPz9jF8/edit#
Please discuss the document here in
On Wednesday, May 3, 2017 at 1:21:29 PM UTC-7, Nick Lamb wrote:
> If you believe there are, or are likely to be, CAs trying to fill out the
> survey a bit late, it may make sense to wait for that before triggering this
> change, so as to avoid the (it seems almost inevitable) response that they
All,
Gerv is leading the effort to clean up Mozilla's Root Store related wiki pages.
The contents of https://wiki.mozilla.org/CA:Overview have been moved to
https://wiki.mozilla.org/CA and cleaned up.
The previous contents of https://wiki.mozilla.org/CA have been moved to
On 03/05/2017 17:45, Peter Kurrasch wrote:
Perhaps a different way to pose the questions here is whether Mozilla
wants to place any expectations on the CA's regarding fraud and the
prevention thereof. Expectations beyond what the BR's address, that is.
Some examples:
- Minimal expectation,
On 03/05/17 21:31, Han Yuwei wrote:
> A question:How would a domain holder express denial for certain certificate
> requests?
Please can you post new questions as new threads rather than as replies
to existing threads on another topic?
The answer to your question is that they can define which
10 matches
Mail list logo