On Tuesday, 4 July 2017 10:50:43 UTC+1, Jeremy Rowley wrote:
> I'm an idiot. The discussion wasn't meant to be a red herring. Just a
> momentary lapse in intelligence...
>
> It really looks like this from a validation perspective, right? EE ->
> Self-signed -> Issuing CA (as it has the same key)
ce.
>
> -Original Message-
> From: Rob Stradling [mailto:rob.stradl...@comodo.com]
> Sent: Monday, July 3, 2017 2:14 PM
> To: Jeremy Rowley ;
> mozilla-dev-security-pol...@lists.mozilla.org
> Subject: Re: DigiCert policy violation - non-disclosure of
> https://crt.
.@lists.mozilla.org
Subject: Re: DigiCert policy violation - non-disclosure of
https://crt.sh/?id=160110886
On Tuesday, 4 July 2017 02:37:36 UTC+1, Jeremy Rowley wrote:
> [JR] Well yeah - but this one is self-signed and self-issued, so how
> does it chain?
This seems to be a source of conf
al Message-
From: Rob Stradling [mailto:rob.stradl...@comodo.com]
Sent: Monday, July 3, 2017 2:14 PM
To: Jeremy Rowley ;
mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: DigiCert policy violation - non-disclosure of
https://crt.sh/?id=160110886
On 03/07/17 16:10, Jeremy Rowley via dev-securit
On Tuesday, 4 July 2017 02:37:36 UTC+1, Jeremy Rowley wrote:
> [JR] Well yeah - but this one is self-signed and self-issued, so how does it
> chain?
This seems to be a source of confusion for a lot of people, several people have
posted queries about it to Stack Overflow or its sister Q&A systems
Thanks Nick. I'm missing something on this, so I appreciate the help so
far. I replied to each section.
Perhaps you have confused transitivity with commutativity or one of the
other simple properties. Transitivity is the property whereby if F(A,B) and
F(B,C) then F(A,C), for example the "greater
On Monday, 3 July 2017 23:05:53 UTC+1, Jeremy Rowley wrote:
> And it's hardly fair to deride my lack of understanding on what transitive
> trust entails in the digital certificate space considering it's outside of
> the usual trust paths, not defined in the standard RFCs, and not the same as
> the
urity-policy
Sent: Monday, July 3, 2017 4:05 PM
To: Nick Lamb ;
mozilla-dev-security-pol...@lists.mozilla.org
Subject: RE: DigiCert policy violation - non-disclosure of
https://crt.sh/?id=160110886
"Previously accepted without comment" is hardly accurate. There's lots of
comments o
y-pol...@lists.mozilla.org
Subject: Re: DigiCert policy violation - non-disclosure of
https://crt.sh/?id=160110886
On Monday, 3 July 2017 22:00:00 UTC+1, Jeremy Rowley wrote:
> Link please to a formal definition? As your email alleges a policy
violation by one a cross-signed CAs, we take the i
On Monday, 3 July 2017 22:00:00 UTC+1, Jeremy Rowley wrote:
> Link please to a formal definition? As your email alleges a policy violation
> by one a cross-signed CAs, we take the investigation and response very
> seriously. I'd like to know the basis for the definition before formulating
> an
r non-compliance.
-Original Message-
From: Rob Stradling [mailto:rob.stradl...@comodo.com]
Sent: Monday, July 3, 2017 2:14 PM
To: Jeremy Rowley ;
mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: DigiCert policy violation - non-disclosure of
https://crt.sh/?id=160110886
On 03/07/17
3, 2017 5:32 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: DigiCert policy violation - non-disclosure of
https://crt.sh/?id=160110886
https://crt.sh/mozilla-disclosures#undisclosed has listed
https://crt.sh/?id=160110886 for over 1 week.
This is a violation of section 5.3.2
Monday, July 3, 2017 5:32 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: DigiCert policy violation - non-disclosure of
https://crt.sh/?id=160110886
https://crt.sh/mozilla-disclosures#undisclosed has listed
https://crt.sh/?id=160110886 for over 1 week.
This is a violation of
https://crt.sh/mozilla-disclosures#undisclosed has listed
https://crt.sh/?id=160110886 for over 1 week.
This is a violation of section 5.3.2 of the Mozilla Root Store Policy
v2.5 [1], which says (emphasis mine):
"All certificates that are capable of being used to issue new
certificates, that a
14 matches
Mail list logo