All,
Thank you for your thoughtful feedback on the new wiki page.
And I apologize for the delay in my response, due to my summer vacation.
I have updated the wiki page in an effort to incorporate all of your
feedback:
https://wiki.mozilla.org/CA:RootTransferPolicy
+ Added a second paragraph
Brian Howson said..
. I'm not sure if this should be additions to the
original inclusion request or a new request, that might depend on whether
it is
wholesale (like today's Digicert acquisition of Verizon) or piecemeal
(like the
one root Amazon acquired from Comodo).
Amazon have not
I misspoke, go daddy.
On Tue, Jun 23, 2015, 12:30 PM Robin Alden ro...@comodo.com wrote:
Brian Howson said..
. I'm not sure if this should be additions to the
original inclusion request or a new request, that might depend on whether
it is
wholesale (like today's Digicert
On Tuesday, June 2, 2015 at 1:44:59 PM UTC-4, Kathleen Wilson wrote:
On 6/1/15 4:13 PM, David E. Ross wrote:
On 6/1/2015 2:45 PM, Kathleen Wilson wrote:
On 5/29/15 4:55 PM, David E. Ross wrote:
On 5/29/2015 2:16 PM, Kathleen Wilson wrote:
On 5/28/15 7:53 PM, David E. Ross wrote:
I have
-security-pol...@lists.mozilla.org
Subject: Re: Policy about root cert transfers
On 6/2/2015 10:44 AM, Kathleen Wilson wrote:
I've re-written the Change in Legal Ownership section. Please send me
feedback on the new version, and let me know if this is heading in the
right direction.
https
On 6/2/2015 10:44 AM, Kathleen Wilson wrote:
I've re-written the Change in Legal Ownership section. Please send me
feedback on the new version, and let me know if this is heading in the
right direction.
https://wiki.mozilla.org/CA:RootTransferPolicy#Change_in_Legal_Ownership
Thanks,
then?
Original Message
From: David E. Ross
Sent: Tuesday, June 2, 2015 4:32 PM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Policy about root cert transfers
On 6/2/2015 10:44 AM, Kathleen Wilson wrote:
I've re-written the Change in Legal Ownership section. Please send me
feedback
On 6/1/15 4:13 PM, David E. Ross wrote:
On 6/1/2015 2:45 PM, Kathleen Wilson wrote:
On 5/29/15 4:55 PM, David E. Ross wrote:
On 5/29/2015 2:16 PM, Kathleen Wilson wrote:
On 5/28/15 7:53 PM, David E. Ross wrote:
I have started the wiki page for this, and I will appreciate your
feedback on it.
On 5/29/15 4:55 PM, David E. Ross wrote:
On 5/29/2015 2:16 PM, Kathleen Wilson wrote:
On 5/28/15 7:53 PM, David E. Ross wrote:
I have started the wiki page for this, and I will appreciate your
feedback on it.
https://wiki.mozilla.org/CA:RootTransferPolicy
Thanks,
Kathleen
Does the line
On 6/1/2015 2:45 PM, Kathleen Wilson wrote:
On 5/29/15 4:55 PM, David E. Ross wrote:
On 5/29/2015 2:16 PM, Kathleen Wilson wrote:
On 5/28/15 7:53 PM, David E. Ross wrote:
I have started the wiki page for this, and I will appreciate your
feedback on it.
On 5/29/2015 2:16 PM, Kathleen Wilson wrote:
On 5/28/15 7:53 PM, David E. Ross wrote:
I have started the wiki page for this, and I will appreciate your
feedback on it.
https://wiki.mozilla.org/CA:RootTransferPolicy
Thanks,
Kathleen
Does the line beginning In all of these cases, the CA
On 5/28/2015 4:32 PM, Kathleen Wilson wrote:
On 5/6/15 11:58 AM, Kathleen Wilson wrote:
On 4/23/15 4:21 PM, Kathleen Wilson wrote:
All,
It has been brought to my attention that we do not have a documented
procedure or policy about how to transfer a root certificate from one CA
to another.
On 5/6/15 11:58 AM, Kathleen Wilson wrote:
On 4/23/15 4:21 PM, Kathleen Wilson wrote:
All,
It has been brought to my attention that we do not have a documented
procedure or policy about how to transfer a root certificate from one CA
to another.
Do we need to add expectations about root cert
On 4/23/15 4:21 PM, Kathleen Wilson wrote:
All,
It has been brought to my attention that we do not have a documented
procedure or policy about how to transfer a root certificate from one CA
to another.
Do we need to add expectations about root cert transfers to Mozilla's CA
Certificate Policy?
On 4/24/2015 10:14 PM, Ryan Sleevi wrote:
On Fri, April 24, 2015 7:52 pm, David E. Ross wrote:
If a root has already been added to the NSS database, we must assume
that it has undergone the Mozilla process for that inclusion. The
process involves looking not only at the root but also at
I forgot to include the following point.
On 4/24/2015 11:32 PM, David E. Ross wrote:
However, all certification authorities whose root certificates are in
the NSS database have indeed undergone community review.
How else can you explain that a single request to Mozilla from a
certification
On 24/04/15 08:17, Man Ho (Certizen) wrote:
The term transfer a root certificate is new to me. What are the
rationale of such transferal? Move from one location to another
location, or from one HSM to another HSM? Ownership of the CA had
changed from one organization to another organization?
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Policy about root cert transfers
On 2015-04-24 01:21, Kathleen Wilson wrote:
4) Before the new CA begins issuing certs in the transferred CA cert
hierarchy, there should be an audit performed at the new CA's site to
confirm
On 4/23/2015 4:21 PM, Kathleen Wilson wrote:
All,
It has been brought to my attention that we do not have a documented
procedure or policy about how to transfer a root certificate from one CA
to another.
Do we need to add expectations about root cert transfers to Mozilla's CA
On Fri, April 24, 2015 6:34 am, Moudrick M. Dadashov wrote:
Kathleen, wouldn't be it easier to apply the transferred CA the same
requirements as to any other? That means the new CA must have its
operations audited under its ***fully completed transfer*** operations.
The root and all
On 4/24/2015 5:30 PM, Ryan Sleevi wrote:
On Fri, April 24, 2015 6:34 am, Moudrick M. Dadashov wrote:
Kathleen, wouldn't be it easier to apply the transferred CA the same
requirements as to any other? That means the new CA must have its
operations audited under its ***fully completed
On Fri, April 24, 2015 8:20 am, David E. Ross wrote:
2. If the new owner is a certification authority whose root
certificates already exist in the NSS database, that root will continued
to be considered trusted. However, trust bits and EV status of the
transferred root cannot exceed the
On 4/24/2015 8:58 AM, Ryan Sleevi wrote [in part]:
On Fri, April 24, 2015 8:20 am, I previously wrote [also in part]:
2. If the new owner is a certification authority whose root
certificates already exist in the NSS database, that root will continued
to be considered trusted. However,
On Fri, April 24, 2015 7:52 pm, David E. Ross wrote:
If a root has already been added to the NSS database, we must assume
that it has undergone the Mozilla process for that inclusion. The
process involves looking not only at the root but also at the
certification authority; at least that
On 2015-04-24 01:21, Kathleen Wilson wrote:
4) Before the new CA begins issuing certs in the transferred CA cert
hierarchy, there should be an audit performed at the new CA's site to
confirm that the transfer was successful and that the root cert is ready
to resume issuance.
Would this be a
25 matches
Mail list logo
