These have now been revoked in OneCRL:
https://bugzilla.mozilla.org/show_bug.cgi?id=1252142
On Fri, Feb 26, 2016 at 4:14 PM, Dean Coclin
wrote:
> You beat me to it:
>
> Thesecertificate have been logged to our CT log server at
> ct.ws.symantec.com,with these index numbers:
>
> 236731
>
> 23674
On Fri, Feb 26, 2016 at 08:32:34AM -0800, douglas.beat...@gmail.com wrote:
> I hope the same courtesy is afforded to other high profile customers and
> their CA should the need arise.
Why should a requestor's profile come into it? Because they're in a better
position to make trouble if their requ
On Thursday, February 25, 2016 at 10:06:50 PM UTC-5, Peter Gutmann wrote:
> Dean Coclin writes:
>
> >According to WP, as part of the EMV program, they are aggressively rolling
> >out new devices to replace all old equipment in the field. They expect this
> >to be completed by the end of the year.
You beat me to it:Thesecertificate have been logged to our CT log server at ct.ws.symantec.com,with these index numbers:236731236746236748236751236759236763236767 Dean Coclin On 02/26/16, Andrew Ayer wrote: On Wed, 24 Feb 2016 16:11:38 -0800 (PST)rbar...@mozilla.com wrote:> 2. On issuance of any
On Fri, Feb 26, 2016 at 11:32 AM, wrote:
> On Thursday, February 25, 2016 at 10:06:50 PM UTC-5, Peter Gutmann wrote:
> > Dean Coclin writes:
>
> I think Symantec and Mozilla are doing the right thing. Nobody is asking
> to extend the 1/1/2017 SHA-1 deprecation date. World Pay could have SHA-1
On Thursday, February 25, 2016 at 10:06:50 PM UTC-5, Peter Gutmann wrote:
> Dean Coclin writes:
I think Symantec and Mozilla are doing the right thing. Nobody is asking to
extend the 1/1/2017 SHA-1 deprecation date. World Pay could have SHA-1
certificates that expire on 12/31/2016 if they had
Dean Coclin writes:
>According to WP, as part of the EMV program, they are aggressively rolling
>out new devices to replace all old equipment in the field. They expect this
>to be completed by the end of the year. They have already moved a large
>number of devices to support SHA-2.
Wouldn't it b
What CA(s) would Symantec use as the issuer for the certificates?The same one they've been using and know works: VeriSign Class 3 International Server CA - G3.>>Dean, are you sure about that? Rob-Yes I am. I am sure that we will be using that CA to satisfy this request because we know it works. You
Richard,According to WP, as part of the EMV program, they are aggressively rolling out new devices to replace all old equipment in the field. They expect this to be completed by the end of the year. They have already moved a large number of devices to support SHA-2.Again, per my previous post, the
Dean Coclin writes:
>The same one they've been using and know works: VeriSign Class 3
>International Server CA - G3.
So the devices will trust any cert from this CA?
This is a serious question, a contractor once got into USG infrastructure
with a $20 or so cert because they'd done the same th
Peter,The same one they've been using and know works: VeriSign Class 3 International Server CA - G3. Dean On 02/24/16, Peter Bowen wrote: Dean as Symantec,What CA(s) would Symantec use as the issuer for the certificates?Thanks,PeterOn Feb 24, 2016 12:52 PM, "Dean Coclin"
Dean as Symantec,
What CA(s) would Symantec use as the issuer for the certificates?
Thanks,
Peter
On Feb 24, 2016 12:52 PM, "Dean Coclin" wrote:
> This is Dean from Symantec (same Dean as the CA/B Forum Chair but I'm
> leaving that hat off right now). I'd like to answer some questions about
> t
This is Dean from Symantec (same Dean as the CA/B Forum Chair but I'm leaving that hat off right now). I'd like to answer some questions about this situation on which I agree is less than ideal.First off, as Gerv mentioned, many device manufacturers erroneously embedded public roots in their device
13 matches
Mail list logo