RE: [EXT] Symantec: Draft Proposal

2017-05-15 Thread Steve Medin via dev-security-policy
zilla.org>; mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: [EXT] Symantec: Draft Proposal To ask a substantive question, you have asserted that all certificates issued have been logged to CT; this Symantec CA currently has no publicly logged issued certificates: https://cr

Re: [EXT] Symantec: Draft Proposal

2017-05-05 Thread Gervase Markham via dev-security-policy
On 05/05/17 04:30, Steve Medin wrote: > Gerv, thank you for your draft proposal under consideration. We have posted > our comments and detailed information at: > https://www.symantec.com/connect/blogs/symantec-ca-continues-public-dialogue It feels somewhat strange to have this disjointed

Re: [EXT] Symantec: Draft Proposal

2017-05-05 Thread Alex Gaynor via dev-security-policy
-security-policy > > Sent: Monday, May 01, 2017 10:16 AM > > To: mozilla-dev-security-pol...@lists.mozilla.org > > Subject: [EXT] Symantec: Draft Proposal > > > > Here is my analysis and proposal for what actions the Mozilla CA > Certificates > > module o

Re: [EXT] Symantec: Draft Proposal

2017-05-05 Thread tmcqueen.old--- via dev-security-policy
7 10:16 AM > > To: mozilla-dev-security-pol...@lists.mozilla.org > > Subject: [EXT] Symantec: Draft Proposal > > > > Here is my analysis and proposal for what actions the Mozilla CA > Certificates > > module owner should take in respect of

RE: [EXT] Symantec: Draft Proposal

2017-05-04 Thread Steve Medin via dev-security-policy
illa.org > Subject: [EXT] Symantec: Draft Proposal > > Here is my analysis and proposal for what actions the Mozilla CA Certificates > module owner should take in respect of Symantec. > [snip] > Please discuss the document here in mozilla.dev.security.policy. A good > timefra

Re: [EXT] Symantec: Draft Proposal

2017-05-02 Thread Gervase Markham via dev-security-policy
Hi Steve, On 02/05/17 18:39, Steve Medin wrote: > Gerv- Thank you for the thoughtful analysis. We are reviewing and intend to > respond to your latest proposal shortly. Please understand that this is not (yet) Mozilla's response to Symantec. If we were a closed root program, this would be an

RE: [EXT] Symantec: Draft Proposal

2017-05-02 Thread Steve Medin via dev-security-policy
kham via dev-security-policy > Sent: Monday, May 01, 2017 10:16 AM > To: mozilla-dev-security-pol...@lists.mozilla.org > Subject: [EXT] Symantec: Draft Proposal > > Here is my analysis and proposal for what actions the Mozilla CA Certificates > module owner should take in