Re: About upcoming limits on trusted certificates
On 3/14/20 11:53 AM, Nick Lamb wrote: On Thu, 5 Mar 2020 14:15:17 + Nick Lamb via dev-security-policy wrote: Would Mozilla accept third party work to implement something like #908125 ? Hi Nick, I apologize for my delay in replying to your question. I checked with the Crypto Engineering team, and it turns out that they do have a plan for addressing this bug. It sounds like the work will also include other considerations such as configurability and testing. Thanks, Kathleen ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: DigiCert OCSP services returns 1 byte
On Tue, 1 Oct 2019 16:51:34 -0700 Wayne Thayer via dev-security-policy wrote: > I could simply move [4] to a "recommended practice" (SHOULD) until the > ballot comes into force, then move it back to "required". Since Ballot SC23 has come into force, can we now move https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#Precertificates back to the Required section? Regards, Andrew ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy