[Apologies if you've seen this before, it looks like up to a week's worth of
mail from here has been lost, this is a resend of the backlog]
Chris Palmer pal...@google.com writes:
Firefox 31 data:
on desktop the median successful OCSP validation took 261ms, and the 95th
percentile (looking at
[This was originally sent to dev.platform and dev.tech.crypto]
Summary:
We intend to remove the proprietary window.crypto functions and
properties. See
https://developer.mozilla.org/en-US/docs/JavaScript_crypto for what will
be affected by this change.
Our reasoning is as follows: These functions
Actually, I think Matt's question was not about which version of the EV
Guidelines was followed, but rather about which of the allowed methods
of verification are used.
GobalSign's CPS section 3.2.2.3 just says: For Extended Validation
Certificates, the EV Guidelines are followed.
So, that
I just wanted to alert members of this list of a discussion that has been
started on Chromium's ct-policy@ mailing list regarding Chromium's
policies for requiring EV certificates be logged in Certificate
Transparency Logs.
Ben Laurie has started a discussion at
Does Mozilla have a stated plan to include CT in its products?
The issues Ben lists sound like reasonable concerns but it seems this is
putting the cart before the horse. The linchpin of CT is being able to turn on
hard-fail when the SCT is missing or doesn't agree with the logs--or whatever
On Tue, August 12, 2014 6:49 pm, fhw...@gmail.com wrote:
Does Mozilla have a stated plan to include CT in its products?Â
This is a separate discussion, and doesn't affect the ability of Mozilla
using of CT logs to detect violations of Mozilla's inclusion policy.
Obviously, CT in the client
It is a separate discussion. I wanted only some sort of statement from Mozilla
about time frames and anticipated functionalities, if there are any.
If the scope of CT is being narrowed to focus only on the use of log files as
an auditing and compliance facility, that is something even I might
Hi Kathleen,
I see the underlying question that you (and Matt) wanted us to answer.
Apologies in not being complete in my response the first time around.
The reason we are specific in the CPS with regards to Organizational vetting
(for everything other than EV) is a historical one. Prior to the
8 matches
Mail list logo