RE: Reported Digicert key compromise but not revoked

2019-05-09 Thread Daniel Marschall via dev-security-policy
I personally do think that it matters to this forum. A CA - no matter what kind of certificates it issues - must take revocation requests seriously and act immediately, even if the email is sent to the wrong address. If an employee at the help desk is unable to forward revocation requests, or

Improvement suggestions for crt.sh (Hyperlinking OIDs + TLS features decoding)

2019-05-02 Thread Daniel Marschall via dev-security-policy
Hello, I have two improvement suggestions for the page crt.sh. I often stumble across extensions or other kinds of OIDs which are not known/named by the system. For example the extension 1.3.6.1.5.5.7.1.24 (1) It would be great if all OIDs could automatically get a hyperlink pointing to

Re: Improvement suggestions for crt.sh (Hyperlinking OIDs + TLS features decoding)

2019-05-03 Thread Daniel Marschall via dev-security-policy
Hello Ryan, thank you for your reply! I actually saw the github link, but I wasn't sure in which repository I should open a ticket. As for the forum, I didn't know it and I don't see a link at crt.sh I have posted an email there Take care, Daniel ___

Re: Fwd: Intent to Ship: Move Extended Validation Information out of the URL bar

2019-08-13 Thread Daniel Marschall via dev-security-policy
I share the opinion with Jakob, except with the CVE. Please remove this change. It is unnecessary and kills the EV market. But if you insist on keeping that UI change, maybe you can at least give the lock symbol a different color if it is an EV cert?

Re: Fwd: Intent to Ship: Move Extended Validation Information out of the URL bar

2019-08-18 Thread Daniel Marschall via dev-security-policy
On Sunday, 18 August 2019 07:18:56 UTC+2, Matt Palmer wrote: > > [...] From what I can see so far, > browser vendors aren't "ending" EV certificates, a couple of them are merely > modifying their UIs guided by relevant research into the efficacy (or lack > thereof) of the current UI. > > -

Re: Intent to Ship: Move Extended Validation Information out of the URL bar

2019-08-15 Thread Daniel Marschall via dev-security-policy
Please tell me if I understand this correctly... Is it that DV and EV certificates now both show the same lock symbol? That would be a great harm in my opinion. And I do not understand why you want this change. I think EV is very important and I explain why. Let's look at following hypothetical

Re: Request to Include 4 Microsoft Root CAs

2019-08-19 Thread Daniel Marschall via dev-security-policy
Hello, Is there an EV Policy OID assigned? I can't find it. - Daniel On Wednesday, 14 August 2019 00:42:44 UTC+2, Wayne Thayer wrote: > This request is for inclusion of the Microsoft RSA Root Certificate > Authority 2017, Microsoft ECC Root Certificate Authority 2017, Microsoft EV > RSA Root

Re: Intent to Ship: Move Extended Validation Information out of the URL bar

2019-08-16 Thread Daniel Marschall via dev-security-policy
I have a few more comments/annotations: (1) Pro EV persons argue "Criminals have problems getting an EV certificate, so most of them are using only DV certificates". Anti EV persons argue "Criminals just don't use EV certificates, because they know that end users don't look at the EV indicator

Re: CA handling of contact information when reporting problems

2019-08-20 Thread Daniel Marschall via dev-security-policy
Hello, I am a bit shocked about this case. The fact that this happened to someone would restrain me from reporting key compromises. Even though it is the company's fault to protect their private key, their lawyers still might sue the incident reporter. A judge might not understand the PKI

Re: Intent to Ship: Move Extended Validation Information out of the URL bar

2019-08-23 Thread Daniel Marschall via dev-security-policy
On Friday, 23 August 2019 00:50:35 UTC+2, Ronald Crane wrote: > On 8/22/2019 1:43 PM, kirkhalloregon--- via dev-security-policy wrote: > > Whatever the merits of EV (and perhaps there are some -- I'm not > convinced either way) this data is negligible evidence of them. A DV > cert is

Re: An honest viewpoint: Move Extended Validation Information out of the URL bar

2019-09-08 Thread Daniel Marschall via dev-security-policy
> Okay... we know that people might now know what "TO" or "AX" means... Typo: I meant "people might not know" ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy

Re: Firefox removes UI for site identity

2019-10-24 Thread Daniel Marschall via dev-security-policy
> On Tue, Oct 22, 2019 at 03:35:52PM -0700, Kirk Hall via dev-security-policy > wrote: > > This is a mischaracterisation. The EV UI has not been removed, it has been > moved to a new location. > That's like, when I throw something away, I didn't actually throw it away, I just moved it to a

Re: [FORGED] Re: Germany's cyber-security agency [BSI] recommends Firefox as most secure browser

2019-10-20 Thread Daniel Marschall via dev-security-policy
I think the only really important purpose of OV and EV over DV is that they are visible at first sight. Nobody opens the X.509 file to look at the EKU OIDs or the subject DN. The requirement could just say that X.509 must be supported, but they do differentiate DV, OV and EV.