Re: Audit Reminder Email Summary
On 9/15/20 3:21 PM, Kathleen Wilson wrote: Forwarded Message Subject: Summary of September 2020 Audit Reminder Emails Mozilla: Audit Reminder CA Owner: E-Tugra Root Certificates: E-Tugra Certification Authority Standard Audit: https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf Standard Audit Period End Date: 2019-07-26 BR Audit: https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf BR Audit Period End Date: 2019-07-26 EV Audit: https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf EV Audit Period End Date: 2019-07-26 CA Comments: null E-Tugra's representative has reminded me that they filed https://bugzilla.mozilla.org/show_bug.cgi?id=1659426 to inform us of audit delay due to Covid19. Thanks, Kathleen ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: Notice on SC31 and CAs using EJBCA
To be clear, the change came as a result of following the cabf mailing lists, and was released as soon as it could be fit into our pipeline. All customers were informed through our release mailing list. Cheers Mike Agrenius Kushner Product Owner, EJBCA On Fri, 18 Sep 2020 at 13:35, Arvid Vermote via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > During gap analysis and impact assessment of the changes to the BR in the > > context of SC31 - Browser Alignment, we noted that our legacy platform, > > using EJBCA as issuance backend, did not fully support the changes related > > to not including the "Unspecified" reason code in OCSP responses for the > > certificates that are revoked with that reason. Refer to BR 1.7.1 section > > 7.3 and 7.2.2, this specific requirement is effective as of September 30 > > 2020. > > > > > > > > We raised the issue with PrimeKey and EJBCA version 7.4.2 was released on > > September 14 2020. This message is intended to inform other CA using EJBCA > > software and subject to BR of the above. > > > > ___ > > dev-security-policy mailing list > > dev-security-policy@lists.mozilla.org > > https://lists.mozilla.org/listinfo/dev-security-policy > > ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Notice on SC31 and CAs using EJBCA
During gap analysis and impact assessment of the changes to the BR in the context of SC31 - Browser Alignment, we noted that our legacy platform, using EJBCA as issuance backend, did not fully support the changes related to not including the "Unspecified" reason code in OCSP responses for the certificates that are revoked with that reason. Refer to BR 1.7.1 section 7.3 and 7.2.2, this specific requirement is effective as of September 30 2020. We raised the issue with PrimeKey and EJBCA version 7.4.2 was released on September 14 2020. This message is intended to inform other CA using EJBCA software and subject to BR of the above. smime.p7s Description: S/MIME cryptographic signature ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy