On Mon, 25 Nov 2019 14:12:46 -0800
Kathleen Wilson via dev-security-policy
wrote:
> CAs should have been keeping track of and resolving their own known
> problems in regards to not fully following the BRs and Mozilla
> policy. For example, I expect that a situation in which I responded
> with
Yeah, there's something amiss with how you're analyzing the issue here -
whether an entrust.com or entrust.net domain is in use shouldn't matter.
More generally, Mozilla is unlikely to add any root certificates whose
expected uses don't contain a significant public-facing component. The root
On Tuesday, 26 November 2019 16:53:21 UTC, Kathleen Wilson wrote:
> The proposed section to add to the CCADB Policy (www.ccadb.org/policy)
> has been updated and is here:
>
> https://github.com/mozilla/www.ccadb.org/issues/33#issuecomment-558714086
Typo in "Format Specifications for SHA-256
All,
The proposed section to add to the CCADB Policy (www.ccadb.org/policy)
has been updated and is here:
https://github.com/mozilla/www.ccadb.org/issues/33#issuecomment-558714086
This is the last call for feedback on it.
Thanks,
Kathleen
___
Peter,
DHS is only using Mozilla’s trust store for determining trust. They are not
using a government-based trust store.
We talked to Entrust last week. Entrust was creating certificates with
“entrust.net” as the old way. Recently, Entrust has been generating
certificates with
5 matches
Mail list logo