Re: Policy 2.7 Proposal: Clarify Revocation Requirements for S/MIME Certificates

2019-05-01 Thread Wayne Thayer via dev-security-policy
On Fri, Apr 26, 2019 at 5:14 PM Wayne Thayer wrote: > Section 6 ("Revocation") of Mozilla's Root Store Policy states: > > CAs MUST revoke Certificates that they have issued upon the occurrence of >> any event listed in the appropriate subsection of section 4.9.1 of the >> Baseline Requirements,

Re: Certinomis Issues

2019-05-01 Thread Wayne Thayer via dev-security-policy
On Wed, May 1, 2019 at 3:25 PM Jakob Bohm via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On 01/05/2019 22:29, mono.r...@gmail.com wrote: > >> 2017 assessment report > >> LSTI didn't issue to Certinomis any "audit attestation" for the > browsers in 2017. The document

Re: Certinomis Issues

2019-05-01 Thread Jakob Bohm via dev-security-policy
On 01/05/2019 22:29, mono.r...@gmail.com wrote: 2017 assessment report LSTI didn't issue to Certinomis any "audit attestation" for the browsers in 2017. The document Wayne references is a "Conformity Assessment Report" for the eIDAS regulation. I had a look at the 2017 report, and unless I

Re: Certinomis Issues

2019-05-01 Thread mono.riot--- via dev-security-policy
> 2017 assessment report > LSTI didn't issue to Certinomis any "audit attestation" for the browsers in > 2017. The document Wayne references is a "Conformity Assessment Report" for > the eIDAS regulation. I had a look at the 2017 report, and unless I misread, it implies conformity to ETSI EN

Re: Certinomis Issues

2019-05-01 Thread philbouchet35--- via dev-security-policy
Le jeudi 25 avril 2019 21:19:34 UTC+2, Wayne Thayer a écrit : > Since this is a separate, serious issue, I filed a new bug and requested an > incident report: https://bugzilla.mozilla.org/show_bug.cgi?id=1547072 > > I added this to the issues list as Issue G: >