Rob: what, if any, changes will be made to the Sectigo CP/CPS as a result
of this change of control?
Thanks,
Wayne
On Thu, Oct 1, 2020 at 1:55 PM Ben Wilson via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> As announced previously by Rob Stradling, there is an
As announced previously by Rob Stradling, there is an agreement for
private investment firm GI Partners, out of San Francisco, CA, to acquire
Sectigo. Press release:
https://sectigo.com/resource-library/sectigo-to-be-acquired-by-gi-partners.
I am treating this as a change of legal ownership
Below is a list of issues that I propose be addressed in the next version
(2.7.1) of the Mozilla Root Store Policy (MRSP). There are currently 73
issues related to the MRSP listed here:
https://github.com/mozilla/pkipolicy/issues. So far, I have identified 13
items to consider for this policy
On Thu, Oct 1, 2020 at 6:39 AM Corey Bonnell via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
>
> Although RFC 5280, section 5 [2] mandates that conforming CAs MUST produce
> v2 CRLs, the CAs issuing v1 CRLs pre-date any browser root requirements
> that mandate adherence to
I did some searching in this area after Microsoft announced the new root
program requirement back in February [1] and it appears that v1 CRLs are still
being actively published in the webPKI. Notably, v1 CRLs do not support
extensions in revoked entries, so there is no way to encode the
Hello,
as we are in the "list of shame" and as a way to ensure we are following these
discussions, I'd like to say that the OISTE CA that is referenced here (it's an
old intermediate CA expiring in December 2020, and its CRL contains some
unspecified revocations for Issuing CAs from 2015 and
6 matches
Mail list logo