On Tue, Oct 22, 2019 at 7:41 PM Ryan Sleevi wrote:
>
> On Tue, Oct 22, 2019 at 9:51 PM Wayne Thayer via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> I have added this proposal to the 2.7 branch:
>>
>> https://github.com/mozilla/pkipolicy/commit/fa843039285b10030490c7
On Tue, Oct 22, 2019 at 9:51 PM Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> I have added this proposal to the 2.7 branch:
>
> https://github.com/mozilla/pkipolicy/commit/fa843039285b10030490c7eb54d1b754edae1fbc
>
> I will greatly appreciate everyone's fee
Having received no comments, I did not add the proposed guidance on status
update frequency, but I did make the "marked as resolved" change that
Jeremy suggested:
https://github.com/mozilla/pkipolicy/commit/bad3fedc10e1fe9d5237760093ad235326e3bd62
An additional related change has been proposed in
Jeremy Rowley posted the following comments in a separate thread:
One suggestion on incident reports is to define "regularly update" as some
> period of time as non-responses can result in additional incident reports.
> Maybe something along the lines of "the greater of every 7 days, the time
> pe
On Tue, Apr 16, 2019 at 12:02 PM Wayne Thayer wrote:
>
> I've drafted a specific proposal for everyone's consideration:
>
>
> https://github.com/mozilla/pkipolicy/commit/5f1b0961fa66f824adca67d7021cd9c9c62a88fb
>
>
Having received no new comments on this proposal, I'll consider this issue
closed
On Fri, Mar 29, 2019 at 11:59 AM Wayne Thayer wrote:
> On Thu, Mar 28, 2019 at 5:29 PM Ryan Sleevi wrote:
>
>>
>> On Thu, Mar 28, 2019 at 7:42 PM Wayne Thayer wrote:
>>
>>> On Thu, Mar 28, 2019 at 4:11 PM Ryan Sleevi wrote:
>>>
On Thu, Mar 28, 2019 at 6:45 PM Wayne Thayer via dev-security
On Thu, Mar 28, 2019 at 5:29 PM Ryan Sleevi wrote:
>
> On Thu, Mar 28, 2019 at 7:42 PM Wayne Thayer wrote:
>
>> On Thu, Mar 28, 2019 at 4:11 PM Ryan Sleevi wrote:
>>
>>> On Thu, Mar 28, 2019 at 6:45 PM Wayne Thayer via dev-security-policy <
>>> dev-security-policy@lists.mozilla.org> wrote:
>>>
On Thu, Mar 28, 2019 at 7:42 PM Wayne Thayer wrote:
> On Thu, Mar 28, 2019 at 4:11 PM Ryan Sleevi wrote:
>
>> On Thu, Mar 28, 2019 at 6:45 PM Wayne Thayer via dev-security-policy <
>> dev-security-policy@lists.mozilla.org> wrote:
>>
>>> **Incidents**
>>> > When a CA fails to comply with any requ
On Thu, Mar 28, 2019 at 4:11 PM Ryan Sleevi wrote:
>
> On Thu, Mar 28, 2019 at 6:45 PM Wayne Thayer via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> We currently expect CAs to deliver incident reports whenever they fail to
>> comply with our policy, but this is not a
On Thu, Mar 28, 2019 at 6:45 PM Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> We currently expect CAs to deliver incident reports whenever they fail to
> comply with our policy, but this is not a requirement of our policy. There
> is no obvious place to add
We currently expect CAs to deliver incident reports whenever they fail to
comply with our policy, but this is not a requirement of our policy. There
is no obvious place to add this in the existing policy, so I propose
creating a new top-level section that reads as follows:
**Incidents**
> When a C
11 matches
Mail list logo