https://www.idmanagement.gov/wp-content/uploads/sites/1171/uploads/gsa-aces-sunset-guide.pdf
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
https://groups.google.com/forum/#!forum/cus-policy-layer
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
As a practical exercise in logic, pick any CA that issues EV Certificates and
is CAB BR compliant. Look at the CA Certificate Policy Statement and Relying
Party Agreement. It's irrelevant to cite the UX of the "normal" user without
first look at the agreements and policy. For the most part it wi
Since we use ACES certificates for sending healthcare information in a way that
mimimizes MITM, I was surprised to read the following.
"The Federal PKI has cross-certified other agencies and commercial CAs, which
means their certificates will be trusted by clients that trust the Federal PKI.
H
The 2017 ACES CP excluding anything other than citizen to E-gov breaks certain
use cases that are outside the scope of Mozilla, but not from the standpoint of
a fully functional commercial c=US structure which I have developed since 1996
since I reached an agreement with GSA on how to proceed a
That very useful visualization can seen in Chrome and validates against the
Identrust ACES 2 root.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
I probably need some additional information to see if my partners can
effectively share PHI at LOA 3 and I don't want to burden the list on whether
the healthcare use cases defined by the Federal Health Architecture is covered
by ACES 2017 Jan policy. It's very important that the community agree
Can I have a pointer to the current up to date discussion on the S/MIME trust
bit?
I am participating in the 21st Century Cures trust framework discussion which
involves the Direct Project that specified S/MIME as the primary conduit for
communication.
This project attempted to simplify healt
On Tuesday, October 31, 2017 at 9:22:09 AM UTC-4, Kyle Hamilton wrote:
> http://www.eweek.com/security/francisco-partners-acquires-comodo-s-certificate-authority-business
I did a little spot check. So yes they hired a person who was involved with
Entrust, so that is a plus. The website says it is
I think this is fundamentally an issue of the history of the DNS and X.500
architecture. Combined with social factors since 1996 when the original NSF
Directory and DNS grant money ran out, and domains (which had been free) became
this wild west name space, which has reached some predictable lev
@Jakob I was referring to the classical namespaces which have evolved since the
1980s. The NSF pilot project was based on a now obsolete version of X.500,
Quipu, that world rooted with participating county directories. While I
managed that part of the capital D Directory it was in the context o
@Ryan
“Since improving it as a technical means is an effective non-starter (e.g.
introducing a new origin for only EV certs), the only fallback is to the
cognitive means”
EV is a convenient signal. I like it. The problem is the infrastructure that
pits the Internet and it’s protocols with in
12 matches
Mail list logo