Re: Distrusting New WoSign and StartCom Certificates -- Mozilla Security Blog
I see that Google's response (and Apple's) is harsher than Mozilla, by caterogically distrusts WoSign and StartCom without granting the option, as Mozilla does, to resubmit a new CA application after a set period of time through which they work to correct their flawed procedures. ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: StartCom & Qihoo Incidents
On Sunday, October 23, 2016 at 7:56:16 AM UTC+3, Peter Bowen wrote: > is a wholly owned subsidiary of Tianjim Qixin Tongda Technology Co., > Ltd. > https://www.chinatechnews.com/2016/04/27/23475-qihoo-360s-privatization-approved-by-ndrc >From the provided link, I am flabbergasted by the reason to go private: "As a publicly-listed Chinese company in the United States, Qihoo 360 has faced the pressures of being a public company. Transparency dogged the company, which also has a security software component, and ultimately the company saw the U.S. public markets as incompatible with how the company wanted to conduct business." so apropos... ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: StartCom & Qihoo Incidents
On Thursday, October 13, 2016 at 7:51:11 PM UTC+3, Jakob Bohm wrote: > I just skimmed it, and that just looks like Qihoo 360 acquired some > other companies that I don't recognize and did so by technically > merging the company while concentrating ownership with the existing > Qihoo 360 shareholders. "the Company (namely, Qihoo 360) became a wholly owned subsidiary of Midco" ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy