Re: [EXT] Re: Draft further questions for Symantec

2017-05-19 Thread Gervase Markham via dev-security-policy
On 15/05/17 22:08, Michael Casadevall wrote: > RA & EV: > Were all the certificates issued by the RAs uploaded to a CT log? If > not, what, if any, subsets were uploaded? > > I'm aware Symantec was required to upload certificates to CT or if it > was retroactive, but I'm unsure if that requirement

RE: [EXT] Re: Draft further questions for Symantec

2017-05-15 Thread Steve Medin via dev-security-policy
urity-policy > Sent: Monday, May 15, 2017 3:41 PM > To: mozilla-dev-security-pol...@lists.mozilla.org > Subject: Re: [EXT] Re: Draft further questions for Symantec > > The link in footnote [1] > https://www.idmanagement.gov/IDM/servlet/fileField?entityId=ka0t > 000Gmi3AAC=File__

Re: [EXT] Re: Draft further questions for Symantec

2017-05-15 Thread Michael Casadevall via dev-security-policy
I took a stab at trying to grok this. I find I have more questions and a lot more concerns the more I read though. Please let me know if I'm not the only one having issues decoding the responses. Here's my first impressions: RA & EV: Were all the certificates issued by the RAs uploaded to a CT

Re: [EXT] Re: Draft further questions for Symantec

2017-05-15 Thread urijah--- via dev-security-policy
urity-policy > > Sent: Wednesday, May 10, 2017 7:06 AM > > To: mozilla-dev-security-pol...@lists.mozilla.org > > Subject: [EXT] Re: Draft further questions for Symantec > > > > On 08/05/17 13:24, Gervase Markham wrote: > > > 8) Please explain how the Man

RE: [EXT] Re: Draft further questions for Symantec

2017-05-15 Thread Steve Medin via dev-security-policy
> Gervase Markham via dev-security-policy > Sent: Wednesday, May 10, 2017 7:06 AM > To: mozilla-dev-security-pol...@lists.mozilla.org > Subject: [EXT] Re: Draft further questions for Symantec > > On 08/05/17 13:24, Gervase Markham wrote: > > 8) Please explain how the Manage