Based on the survey results, we (Ben and I) have recommended the
following updates to the Browser Alignment Ballot. (currently in draft
form here: https://github.com/sleevi/cabforum-docs/pull/10)
1) For the following changes proposed in the ballot, we have recommended
that the effective date
On Mon, Jun 1, 2020 at 7:23 PM Kathleen Wilson via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> ** Sub Item 3.2 -- Limit re-use of domain name and IP address
> verification to 398 days
> (https://github.com/mozilla/pkipolicy/issues/206)
> 19 CAs responded that they either
Thank you to all of you who responded to the May 2020 CA
Communication/Survey.
Communication/Survey:
https://wiki.mozilla.org/CA/Communications#May_2020_CA_Communication
Blog Post:
https://blog.mozilla.org/security/2020/05/08/may-2020-ca-communication/
Responses:
https://wiki.mozilla.org/CA/Co
On 5/7/20 11:33 AM, Kathleen Wilson wrote:
> I have drafted a potential CA Communication and survey, and will greatly
> appreciate your input on it.
>
> https://wiki.mozilla.org/CA/Communications#May_2020_CA_Communication
>
> Direct link to read-only copy of the draft survey:
>
https://cc
> I have drafted a potential CA Communication and survey, and will greatly
> appreciate your input on it.
>
> https://wiki.mozilla.org/CA/Communications#May_2020_CA_Communication
>
> Direct link to read-only copy of the draft survey:
>
https://ccadb-public.secure.force.com/mozillacommunications/C
On 5/4/20 9:31 AM, Corey Bonnell wrote:
Thank you very much for the clarifications. If I'm understanding correctly, it
sounds like Mozilla is considering to add sub-items of item 4 on the survey as
Mozilla Root Program requirements if the associated CAB Forum ballot does not
pass. However, there
7;ll raise them there.
Thanks,
Corey
> -Original Message-
> From: dev-security-policy
> On Behalf Of Kathleen Wilson via dev-security-policy
> Sent: Friday, May 1, 2020 1:29 PM
> To: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: Re: DRAFT May 2020 CA Communication/S
El domingo, 3 de mayo de 2020, 21:05:05 (UTC+2), Ryan Sleevi escribió:
> Pedro,
>
> Did you mean Section 3, not Section 4?
>
Yes, my bad... My comment was indeed related to section 3
___
dev-security-policy mailing list
dev-security-policy@lists.mozill
Pedro,
Did you mean Section 3, not Section 4?
Section 4 does not talk about certificate lifetimes at all, but covers
similar long-standing requirements imposed by other root programs
directly. Naturally, the CA Communications doesn't cover the many
existing Mozilla requirements that are also part
Hello,
this commentary it's quite obvious and probably unnecessary, but I would just
say that the controversy that section 4 of the survey is raising is simply
because many of us have the feeling that this change of certificate lifespan
should have come by means of a ballot and a new version of
On Fri, May 01, 2020 at 04:48:28PM +, Corey Bonnell via dev-security-policy
wrote:
> I have briefly reviewed and would like to ask what is the intent of Item 4
> and the associated sub-items? The Browser Alignment draft ballot is under
> discussion in the CAB Forum, so the intent behind the s
On 5/1/20 10:18 AM, Corey Bonnell wrote:
I agree that the intent of item 3 is clear, given the previous discussion on
the topic [1]. However, there is no corresponding discussion on the Mozilla
list (nor any Github issues [2]) for item 4 and the associated sub-items,
which is why I asked for cl
On 5/1/20 9:48 AM, Corey Bonnell wrote:
Hi Kathleen,
Thank you for sending out this notification of the draft survey. I have briefly
reviewed and would like to ask what is the intent of Item 4 and the associated
sub-items? The Browser Alignment draft ballot is under discussion in the CAB
Forum
> Not Kathleen here, but it seems to make sense to me, for the same reason
> Item 3 makes sense. That is, in Item 3, Apple's deployed a policy, and
> there's
> a question about if/when Mozilla should do the same. Item 4 seems similar -
> 4.1 is a Microsoft requirement, 4.2 is an existing Mozilla i
On Fri, May 1, 2020 at 12:48 PM Corey Bonnell via dev-security-policy
wrote:
>
> Hi Kathleen,
> Thank you for sending out this notification of the draft survey. I have
> briefly reviewed and would like to ask what is the intent of Item 4 and the
> associated sub-items? The Browser Alignment draf
Subject: DRAFT May 2020 CA Communication/Survey
>
> All,
>
> I have drafted a potential CA Communication and survey, and will greatly
> appreciate your input on it.
>
> https://scanmail.trustwave.com/?c=4062&d=poSq3knT0jDipj1ZCEWVbMkhC
> nQ3VJAVJJ3kKSAxrA
All,
I have drafted a potential CA Communication and survey, and will greatly
appreciate your input on it.
https://wiki.mozilla.org/CA/Communications#May_2020_CA_Communication
Direct link to read-only copy of the draft survey:
https://ccadb-public.secure.force.com/mozillacommunications/CAComm
17 matches
Mail list logo