On 4/20/15 5:05 PM, Kathleen Wilson wrote:
On 4/14/15 8:50 AM, yuhongbao_...@hotmail.com wrote:
On Thursday, March 19, 2015 at 1:02:06 PM UTC-7, Peter Bowen wrote:
On Wed, Mar 18, 2015 at 12:40 PM, Kathleen Wilson
kwil...@mozilla.com wrote:
I propose removing the following root cert from NSS,
On 4/14/15 8:50 AM, yuhongbao_...@hotmail.com wrote:
On Thursday, March 19, 2015 at 1:02:06 PM UTC-7, Peter Bowen wrote:
On Wed, Mar 18, 2015 at 12:40 PM, Kathleen Wilson kwil...@mozilla.com wrote:
I propose removing the following root cert from NSS, due to inadequate audit
statements.
On Thursday, March 19, 2015 at 1:02:06 PM UTC-7, Peter Bowen wrote:
On Wed, Mar 18, 2015 at 12:40 PM, Kathleen Wilson kwil...@mozilla.com wrote:
I propose removing the following root cert from NSS, due to inadequate audit
statements.
Issuer:
CN = e-Guven Kok Elektronik Sertifika Hizmet
On Fri, Mar 20, 2015 at 11:48 PM, Peter Kurrasch fhw...@gmail.com wrote:
I do still think it would be a good idea to get the word out so that
concerned admins can fix their sites before things suddenly stop working.
If they use the developer edition of Firefox they'll discover this in
time. I
On 19/03/15 20:01, Peter Bowen wrote:
On Wed, Mar 18, 2015 at 12:40 PM, Kathleen Wilson kwil...@mozilla.com wrote:
I propose removing the following root cert from NSS, due to inadequate audit
statements.
Issuer:
CN = e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi
O = Elektronik Bilgi
On Fri, Mar 20, 2015 at 10:37 AM, Ryan Sleevi
ryan-mozdevsecpol...@sleevi.com wrote:
On Thu, March 19, 2015 3:53 pm, Peter Kurrasch wrote:
There are 2 differences. First, in
the event HSTS was activated on the site there will be no chance to
override. Second, a user in that region may
That's fine. I don't necessarily disagree with removing the root entirely but I do think it's a more heavy-handed remedy than is necessary. I view it as the difference between a punch in the chest vs a strenuous poke.This action is a little more elective on Mozilla's part than other cases we've
On Thu, Mar 19, 2015 at 4:39 PM, David Keeler dkee...@mozilla.com wrote:
On 03/19/2015 01:01 PM, Peter Bowen wrote:
Given this ratio, I find it very hard to believe that they would be
able to receive an audit report without qualifications that Mozilla
would deem unacceptable.
Maybe I'm
On Thu, March 19, 2015 4:49 pm, Peter Bowen wrote:
For example, based on what you reported and what I saw, the audit
report should at a minimum say:
E-Guven complies with the Baseline Requirements with the following
qualifications:
- Some certificates issued do not conform to 9.2.1
-
Matt Palmer mpal...@hezmatt.org writes:
On Thu, Mar 19, 2015 at 01:01:32PM -0700, Peter Bowen wrote:
In the Pilot CT log, which includes every certificate that the Google
crawler has seen, I found 19 unexpired certificates issued by this CA.
Their subjects are as follows (using the default
On Wed, Mar 18, 2015 at 12:40:11PM -0700, Kathleen Wilson wrote:
I propose removing the following root cert from NSS, due to inadequate audit
statements.
If they can't follow the rules, they need to go.
- Matt
___
dev-security-policy mailing list
On 18/03/15 03:40 PM, Kathleen Wilson wrote:
Richard Barnes has verified that there's minimal compatibility impact to
removing this root certificate. Current telemetry shows that this root
has been responsible for 9.57k out of 9.4B validations, or about one in
a million.
The trust store
12 matches
Mail list logo