On February 21 2018, I reported an unexpired certificate to Identrust which
contained SAN entries for several invalid .INT domains:
https://crt.sh/?id=7852280
They acknowledged and revoked the certificate in a timely manner. However, I
find this event particularly bothersome:
- This certifica
On 10/15/18 11:01 AM, Kathleen Wilson wrote:
I have added the following section to the Required Practices wiki page:
https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#BR_Commitment_to_Comply_statement_in_CP.2FCPS
I will continue to appreciate feedback on this update.
Thanks,
Kat
On 15/10/2018 20:01, Kathleen Wilson wrote:
I have added the following section to the Required Practices wiki page:
https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#BR_Commitment_to_Comply_statement_in_CP.2FCPS
https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#CP.2FCP
I have added the following section to the Required Practices wiki page:
https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#BR_Commitment_to_Comply_statement_in_CP.2FCPS
I will continue to appreciate feedback on this update.
Thanks,
Kathleen
___
On 10/15/18 12:48 AM, Pedro Fuentes wrote:
Hello,
I've a question closely related to this. I'd appreciate guidance.
I'm refactoring our CP & CPS documents considering that a CA can issue
different types of certificates, so there would be multiple CP and one CPS.
My strategy is that if the stip
On 12/10/2018 20:01, Rob Stradling wrote:
On 12/10/18 16:40, Ryan Sleevi via dev-security-policy wrote:
On Fri, Oct 12, 2018 at 8:33 AM Ben Laurie wrote:
This is one of the reasons we also need revocation transparency.
As tempting as the buzzword is, and as much as we love motherhood and
The following incident report regarding the item of undisclosed certificates
has recently been posted to
https://bugzilla.mozilla.org/show_bug.cgi?id=1455132
1. How your CA first became aware of the problem (e.g. via a problem report
submitted to your Problem Reporting Mechanism, a discussion
All,
The CCADB system upgrades are in progress, so there will be limited
functionality today. Best to avoid logging into CCADB today if you can.
Kathleen
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozill
On Mon, 15 Oct 2018 at 04:51, Paul Wouters via dev-security-policy
wrote:
>
> On Oct 14, 2018, at 21:09, jsha--- via dev-security-policy
> wrote:
> >
> > There’s a paper from 2013 outlining a fragmentation attack on DNS that
> > allows an off-path attacker to poison certain DNS results using IP
Hello,
The decision was taken at one of our security committees where all changes and
developments that could impact the practices and compliance of our authority
are validated. This is why all the actors of these security committees have
been made aware of the incident and the fact that we can
Hello,
I've a question closely related to this. I'd appreciate guidance.
I'm refactoring our CP & CPS documents considering that a CA can issue
different types of certificates, so there would be multiple CP and one CPS.
My strategy is that if the stipulation is defined in one of the document (C
11 matches
Mail list logo