We have updated our CP and English website.
Please see https://grca.nat.gov.tw/GRCAeng/index.html
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
Do you have a copy of the OCSP response?
With such issues, we may need signed artifacts to demonstrate
non-compliance. For example, it shows as revoked via both OCSP and CRL
for me.
On Thu, May 14, 2020 at 4:32 PM sandybar497--- via dev-security-policy
wrote:
>
> On 7 May 2020 at 12:07:07 PM
Hi all,
Earlier this year, we began publishing semantically versioned ZLint releases
based on several requests from CAs. Yesterday, we tagged 2.1.0-RC1
(https://github.com/zmap/zlint/releases/tag/v2.1.0-rc1), which includes the
first batch of Mozilla Root Store Policy lints.
We have created a
On Wednesday, May 6, 2020 at 5:50:09 AM UTC+10, Ryan Sleevi wrote:
> On Tue, May 5, 2020 at 12:35 PM sandybar497--- via dev-security-policy
> wrote:
> >
> > I submitted a compromised key report to Sectigo [ssl_ab...@sectigo.com] on
> > 1 May 2020 at 2:03pm UTC but Sectigo failed to revoke the
On 7 May 2020 at 12:07:07 PM UTC I reported a certificate to GoDaddy at
practi...@starfieldtech.com as having its private key compromised.
I received the automated acknowledgement confirmation, however, as of
2020-05-09 03:39:36 UTC (well after 24 hours), OCSP still shows the certificate
as
Dear Hanno,
Many thanks for the report.
This has now been fixed for Multicert and an incident report was filed at
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1637093
Best regards,
NP
segunda-feira, 11 de Maio de 2020 às 17:09:08 UTC+1, Hanno Böck escreveu:
> Hi,
>
> As I
Yes, I should have asked this on the CABF list, and you answered my question
with the links below. Thanks!
From: Ryan Sleevi
Sent: Thursday, May 14, 2020 8:57 AM
To: Doug Beattie
Cc: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: 7.1.6.1 Reserved Certificate Policy Identifiers
Did you mean to ask this on the CABF list?
This is
https://github.com/cabforum/documents/issues/179 which I was going to try
to fix in
https://github.com/sleevi/cabforum-docs/pull/12 (aka “spring” cleanup that
is seeking endorsers)
The discussion thread is
I have a question about section, 7.1.6.1. It says:
This section describes the content requirements for the Root CA, Subordinate
CA, and Subscriber Certificates, as they relate to the identification of
Certificate Policy.
For Subscriber certificates I totally understand and agree with section
9 matches
Mail list logo