Re: [EXT] Symantec Update on SubCA Proposal

2017-07-21 Thread Rick Andrews via dev-security-policy
On Friday, July 21, 2017 at 12:39:54 PM UTC-7, Peter Bowen wrote: > Steve, > > I think this level of public detail is very helpful when it comes to > understanding the proposal. > > On Thu, Jul 20, 2017 at 8:00 AM, Steve Medin via dev-security-policy > wrote: > > 1) December 1, 2017 is the

Re: [EXT] Symantec Update on SubCA Proposal

2017-07-21 Thread Rick Andrews via dev-security-policy
On Friday, July 21, 2017 at 12:07:02 PM UTC-7, Alex Gaynor wrote: > On Thu, Jul 20, 2017 at 11:00 AM, Steve Medin wrote: > > > 1) *December 1, 2017 is the earliest credible date that any RFP > > respondent can provide the Managed CA solution proposed by Google, assuming > > a start date of

Re: [EXT] Symantec Update on SubCA Proposal

2017-07-21 Thread Peter Bowen via dev-security-policy
Steve, I think this level of public detail is very helpful when it comes to understanding the proposal. On Thu, Jul 20, 2017 at 8:00 AM, Steve Medin via dev-security-policy wrote: > 1) December 1, 2017 is the earliest credible date that any RFP >

Re: [EXT] Symantec Update on SubCA Proposal

2017-07-21 Thread Alex Gaynor via dev-security-policy
On Thu, Jul 20, 2017 at 11:00 AM, Steve Medin wrote: > 1) *December 1, 2017 is the earliest credible date that any RFP > respondent can provide the Managed CA solution proposed by Google, assuming > a start date of August 1, 2017. Only one RFP respondent initially

RE: [EXT] Symantec Update on SubCA Proposal

2017-07-20 Thread Steve Medin via dev-security-policy
) It is our longstanding policy not to comment on rumors or market speculation. From: Alex Gaynor [mailto:agay...@mozilla.com] Sent: Wednesday, July 19, 2017 10:25 AM To: Steve Medin <steve_me...@symantec.com> Cc: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: [EXT] Symantec

RE: [EXT] Symantec Update on SubCA Proposal

2017-07-20 Thread Steve Medin via dev-security-policy
...@konklone.com] Sent: Wednesday, July 19, 2017 3:43 PM To: Steve Medin <steve_me...@symantec.com> Cc: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: [EXT] Symantec Update on SubCA Proposal On Wed, Jul 19, 2017 at 11:31 AM, Steve Medin via dev-security-policy <dev-securi

RE: [EXT] Symantec Update on SubCA Proposal

2017-07-20 Thread Steve Medin via dev-security-policy
illa.org > Subject: Re: [EXT] Symantec Update on SubCA Proposal > > On 7/19/2017 8:31 AM, Steve Medin wrote: > >> -Original Message- > >> From: dev-security-policy [mailto:dev-security-policy- > >> bounces+steve_medin=symantec@lists.mozilla.org] On Behal

RE: [EXT] Symantec Update on SubCA Proposal

2017-07-20 Thread Steve Medin via dev-security-policy
f Of > >> Jakob Bohm via dev-security-policy > >> Sent: Tuesday, July 18, 2017 4:39 PM > >> To: mozilla-dev-security-pol...@lists.mozilla.org > >> Subject: Re: [EXT] Symantec Update on SubCA Proposal > >> > >> > >> Just for clarity: &g

Re: [EXT] Symantec Update on SubCA Proposal

2017-07-19 Thread Eric Mill via dev-security-policy
lf Of > > Jakob Bohm via dev-security-policy > > Sent: Tuesday, July 18, 2017 4:39 PM > > To: mozilla-dev-security-pol...@lists.mozilla.org > > Subject: Re: [EXT] Symantec Update on SubCA Proposal > > > > > > Just for clarity: > > > > (Note:

Re: [EXT] Symantec Update on SubCA Proposal

2017-07-19 Thread David E. Ross via dev-security-policy
017 4:39 PM >> To: mozilla-dev-security-pol...@lists.mozilla.org >> Subject: Re: [EXT] Symantec Update on SubCA Proposal >> >> >> Just for clarity: >> >> (Note: Using ISO date format instead of ambiguous local date format) >> >> How many Symantec

Re: [EXT] Symantec Update on SubCA Proposal

2017-07-19 Thread Jakob Bohm via dev-security-policy
...@lists.mozilla.org Subject: Re: [EXT] Symantec Update on SubCA Proposal Just for clarity: (Note: Using ISO date format instead of ambiguous local date format) How many Symantec certs issued prior to 2015-06-01 expire after 2018- 06-01, and how does that mesh with the alternative date proposed below

RE: [EXT] Symantec Update on SubCA Proposal

2017-07-19 Thread Steve Medin via dev-security-policy
.org > Subject: Re: [EXT] Symantec Update on SubCA Proposal > > > Just for clarity: > > (Note: Using ISO date format instead of ambiguous local date format) > > How many Symantec certs issued prior to 2015-06-01 expire after 2018- > 06-01, and how does that mesh with the al

Re: [EXT] Symantec Update on SubCA Proposal

2017-07-19 Thread Alex Gaynor via dev-security-policy
Hi Steve, Thank you for this update on Symantec's progress. I have a few follow-up questions: 1) Did any of the RFP respondents indicate that they could provide the Managed CA solution in the timeframe originally proposed by Google? (August 8th) Alternatively, is December 1st, 2017 the

Re: [EXT] Symantec Update on SubCA Proposal

2017-07-18 Thread Jakob Bohm via dev-security-policy
Just for clarity: (Note: Using ISO date format instead of ambiguous local date format) How many Symantec certs issued prior to 2015-06-01 expire after 2018-06-01, and how does that mesh with the alternative date proposed below: On 18/07/2017 21:37, Steve Medin wrote: Correction: Summary item

RE: [EXT] Symantec Update on SubCA Proposal

2017-07-18 Thread Steve Medin via dev-security-policy
Correction: Summary item #3 should read: 3. May 1, 2018 a. Single date of distrust of certificates issued prior to 6/1/2016. (changed from August 31,2017 for certificates issued prior to 6/1/2015 and from January 18, 2018 for certificates issued prior to 6/1/2016). > -Original