Re: Mozilla’s Plan for Symantec Roots

2018-02-09 Thread Ryan Sleevi via dev-security-policy
Hi Wayne, As a small clarification - while Chrome has included the certificates, as noted in the readme, the whitelist is based on SPKI. This was intentional, to avoid situations of interoperability issues. Whitelisting by certificate, rather than either SPKI or SPKI-Tuple, brings with it

Re: Mozilla’s Plan for Symantec Roots

2018-02-09 Thread Wayne Thayer via dev-security-policy
On Thu, Feb 8, 2018 at 7:26 AM, Kai Engert via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On 16.10.2017 19:32, Gervase Markham via dev-security-policy wrote: > > The subCAs that we know of that fall into this category belong to Google > > and Apple. If there are any

Re: ccadb.org

2018-02-09 Thread Kathleen Wilson via dev-security-policy
On 2/7/18 11:41 AM, Kathleen Wilson wrote: All, At 6pm PST on Thursday, February 8th, we will begin the migration of ccadb.org to https. It is possible that during this migration users may receive errors when trying to access the ccadb.org site. All, Something went wrong, so the changes