On 27/02/17 21:41, Ryan Sleevi wrote:
> During a past discussion of precertificates, at
> https://groups.google.com/d/msg/mozilla.dev.security.policy/siHOXppxE9k/0PLPVcktBAAJ
> , Mozilla did not discuss whether or not it considered
> precertificates misissuance, although one module peer (hi! it's
On Mon, Feb 27, 2017 at 2:19 PM, Jeremy Rowley via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> The requirements don't specify what to do with this information. I know
> our product team interpreted this as part of the validation methods and
> exchange of key information,
nt: Monday, February 27, 2017 3:12 PM
To: Ryan Sleevi <r...@sleevi.com>
Cc: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: (Possible) DigiCert EV Violation
On Mon, Feb 27, 2017 at 1:41 PM, Ryan Sleevi via dev-security-policy
<dev-security-policy@lists.mozilla.org> wrote:
>
On Mon, Feb 27, 2017 at 1:41 PM, Ryan Sleevi via dev-security-policy
wrote:
> The EV Guidelines require certificates issued for .onion include the
> cabf-TorServiceDescriptor extension, defined in the EV Guidelines, as part of
> these certificates. This is
The EV Guidelines require certificates issued for .onion include the
cabf-TorServiceDescriptor extension, defined in the EV Guidelines, as part of
these certificates. This is required by Section 11.7.1 (1) of the EV
Guidelines, reading: "For a Certificate issued to a Domain Name with .onion in
5 matches
Mail list logo