On Fri, Mar 6, 2020 at 10:05 PM Matt Palmer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Therefore, the question I'm asking is: should Mozilla (aka the community
> and
> CA module owner and peers) make a policy decision to treat certificates
> issued with a known Debia
The BRs, s4.9.1.1, state that a CA has up to five days to revoke a
certificate where:
> The CA is made aware of a demonstrated or proven method that exposes the
> Subscriber's Private Key to compromise, methods have been developed that
> can easily calculate it based on the Public Key (such as a D
2 matches
Mail list logo
