On Monday, 12 June 2017 17:31:58 UTC+1, Steve Medin wrote:
> We think it is critically important to distinguish potential removal of
> support for current roots in Firefox versus across NSS. Limiting Firefox
> trust to a subset of roots while leaving NSS unchanged would avoid
> unintentionally
> -Original Message-
> From: Gervase Markham [mailto:g...@mozilla.org]
> Sent: Wednesday, June 07, 2017 2:51 PM
> To: Steve Medin ; mozilla-dev-security-
> pol...@lists.mozilla.org
> Cc: Kathleen Wilson
> Subject: [EXT] Mozilla requirements of Symantec
>
> Hi Steve,
>
> I'm writing to you
> On Jun 8, 2017, at 05:17, Gervase Markham via dev-security-policy
> wrote:
>
> On 08/06/17 00:42, Jonathan Rudenberg wrote:
>> Yet another batch of undisclosed intermediates has shown up in CT:
>
> Like, seriously?
Another one appeared this weekend:
https://crt.sh/?sha256=0330286df3612c0e9
On 08/06/17 14:15, Rob Stradling via dev-security-policy wrote:
On 08/06/17 13:24, Kurt Roeckx via dev-security-policy wrote:
On 2017-06-08 14:16, Rob Stradling wrote:
crt.sh collates revocation information from all known CRL
Distribution Point URLs for each CA. The CDP URLs listed at
https:/
On 2017-06-08 at 04:31 -0700, richmoore44--- via dev-security-policy
wrote:
> This one is interesting since the domain name of the CRL resolves to an RFC
> 1918 IP address. Surely that is a violation of the baseline requirements.
>
> https://crt.sh/?sha256=b82210cde9ddea0e14be29af647e4b32f96ed2a9
5 matches
Mail list logo