Good subject.
I am, as ordinary user still dont know, can I trust of root certs of Entrust or
no because this question more than 1 time opened in CA/Incident Dashboard under
mark 'trust'. ...Now this bugs I can no search.
___
dev-security-policy
Hello Ben,
What CA you present here?
Andrew.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
As an ordinary user from.Russia, I am very glad that DarkMatter is rejected in
this thread. If for example there are complaints about some kind of plastic
surgeon, then it is better to refuse the operation than to immediately start
trying on yourself having believed his documents and risking to
It seems to me that the acceptance of this root can cause great damage to
Mozilla to the future and cause great discussions in the Linux community. Is
Mozilla ready to do all this and lose the support of a large number of users in
the future? In my opinion these are the main issues.
Concern is that the incident report was submitted only when it required the
inclusion of the new root certificate in Mozilla Root Store...
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
"qwacs"? Sorry, what is it?
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
Hello,
Do you have planned to remove the QuoVadis Root certificates and use Digicert
Root certificates for intermediate certs of QuoVadis or no?
Thanks.
Andrew (Russia)
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
This URL ( https://crt.sh/test-websites ) does not work (~5 days)
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
Hello,
D-TRUST will removed in the future or is this the last Chinese warning? :)
Andrew.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
If Google had not started the process of Symantec distrust, Mozilla would never
have come to this step, I think.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
I think that punishments of the CAs for already exists in Mozilla Root Store
are very mild, and some CAs often do not pay any attention to this...
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
Quote:
* Root Certificate Download URL:
Extended Validation Root: http://www.sheca.com/download/getdownloadforpdf/73
Hello,
At this URL - 404 Not found.
Sincerely,
Andrew.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
There is simply no market of CAs in Russia. But if this market be appeared, it
is unlikely that he would enjoy the trust of ordinary web users: please read
Yarovaya's Law (surveillance and web logging in the WWW of Russia up to 6 monts)
Sincerely,
Andrew (Russia)
Hello Caju Mihai,
Because in Russia there are no significant and notable CAs. Usually only
foreign CAs are used.
Sincerely,
Andrew (Russia)
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
Hello,
This request will be rejected or will be pending?
Enjoy,
Andrew.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
I do not understand this secrecy for reading anyway.
Andrew
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
If Mozilla develops an open product, then why are some discussions unavailable
to users even for reading? (I'm not sure that this will protect against the
PRISM intelligence system inside Google groups, so you have secrets from random
users?)
___
Hi, Ramiro.
But how will the problems persecuting your CA disappear, even if the root is
sterile.
Andrew
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
It's bad that 70% of the root certificates in the discussion thread are
certificates of governments that are not needed to anyone except these
governments.
Andrew
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
Pedro,
The link in the first post says that the root OISTE WISeKey Global Root GB CA
will replace OISTE WISeKey GA CA after adding "GB CA" in Mozilla Root Store.
Now the third root "GC CA" is under consideration...
I'm sorry if I misunderstood something.
Andrew
https://bugzilla.mozilla.org/show_bug.cgi?id=1172819#c9
I tested the root certificate is OISTE WISeKey Global Root GA CA on gov.sc
websites and it does not work anymore: red SSL icon is displayed.
I contacted with WISeKey via i...@wisekey.com one week ago on this issue, but
the answer was
It seems to me that some CA's hold unanswered Mozilla's questions because they
know that it will not cause any serious consequences. I mean removing a root
certificates from Mozilla Root Store. However, this point of view here seems to
have already been voiced.
Also, it should be understood that on Linux OS no transitional periods will be
made, but simply to removes all Symantec certificates from a certain date.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
Here it is also a question of a dangerous precedent. Should Mozilla always
forgive all bad CA in the future and take a formal approach to security?
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
Hello Wayne,
At me the link on the pdf file is work correctly from Google Chrome ver. 49,
but I cannot load this file in my post...
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
Hello Peter,
But what prevents Francisco Partners making security nightmare after the
probationary period? This is logical, I think.
Regards,
Andrew
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
Hello,
Why you're removed the post of Peter Gutmann (Nov. 1, 2017, 4:08)?
If I understand correctly, at the time of the public discussion for new root
certificates SSL.com (RA Comodo) Mozilla concealed information about the
acquisition of SSL business of Comodo and that now the past public
Hello David,
If I understand correctly, these 3 root certificates of TrustVawe were not
deleted:
https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReport (see
bottom part)
___
dev-security-policy mailing list
28 matches
Mail list logo