Re: DRAFT November 2017 CA Communication

It has been suggested that I need to communicate to CAs that there will be consequences if their audit statements do not meet Mozilla’s requirements, so how about if I add the following to the November CA Communication? ~~ As stated in Mozilla’s April 2017 CA Communication[1] and Mozilla’s

RE: Francisco Partners acquires Comodo certificate authority business

Hello, Why you're removed the post of Peter Gutmann (Nov. 1, 2017, 4:08)? If I understand correctly, at the time of the public discussion for new root certificates SSL.com (RA Comodo) Mozilla concealed information about the acquisition of SSL business of Comodo and that now the past public

RE: Francisco Partners acquires Comodo certificate authority business

On November 1, 2017 at 2:23:17 PM, westmail24--- via dev-security-policy ( dev-security-policy@lists.mozilla.org) wrote: Hello, If I understand correctly, at the time of the public discussion for new root certificates SSL.com (RA Comodo) Mozilla concealed information about the acquisition of

Re: Francisco Partners acquires Comodo certificate authority business

On 11/1/17 12:22 PM, westmai...@gmail.com wrote: Hello, Why you're removed the post of Peter Gutmann (Nov. 1, 2017, 4:08)? If I understand correctly, at the time of the public discussion for new root certificates SSL.com (RA Comodo) Mozilla concealed information about the acquisition of SSL

Re: Francisco Partners acquires Comodo certificate authority business

On 31/10/17 13:21, Kyle Hamilton wrote: > http://www.eweek.com/security/francisco-partners-acquires-comodo-s-certificate-authority-business Comodo notified Mozilla of this impending acquisition privately in advance, and requested confidentiality, which we granted. Now that the acquisition is

Re: ETSI Audits Almost Always FAIL to list audit period

This is a long thread but the topic is very critical so I hope people are patient enough to read through this long discussion. On 1/11/2017 12:37 πμ, Ryan Sleevi wrote: On Tue, Oct 31, 2017 at 5:29 PM, Dimitris Zacharopoulos via dev-security-policy

Re: ETSI audits not listing audit periods

Am Montag, 30. Oktober 2017 22:19:31 UTC+1 schrieb Ryan Sleevi: > On Mon, Oct 30, 2017 at 3:50 PM, Kathleen Wilson via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > > > How do we get all auditors to start meeting our audit statement > > requirements? > > > > Why haven't

RE: Incident Report : GoDaddy certificates with ROCA Fingerprint

Hey Alex - we intend to publish a report for the former Symantec certs. For now, here's what I know: 1) The scope was 15 TLS certs. We became aware of the certs through your posting. 2) We are revoking all 15 certs. I'm still waiting for their serial numbers. We kicked off the 24 hour

Re: Mozilla’s Plan for Symantec Roots

Hi Peter, Ryan is the chain-building expert, and others have deeper knowledge of how the new Symantec/DigiCert PKI is going to work than I do, but here's an attempt to answer your question. On 27/10/17 16:51, Peter Bowen wrote: > If DigiCert generates a new online issuing CA on 20 March 2018 and

RE: Francisco Partners acquires Comodo certificate authority business

> -Original Message- > From: Gerv > Subject: Re: Francisco Partners acquires Comodo certificate authority business > > On 31/10/17 13:21, Kyle Hamilton wrote: > > http://www.eweek.com/security/francisco-partners-acquires-comodo-s- > certificate-authority-business > > Comodo notified

RE: Francisco Partners acquires Comodo certificate authority business

Peter, As you noted in your post to the cryptography list, Francisco Partners' website states that they exited from their investment in Blue Coat. https://www.franciscopartners.com/investments/blue-coat?sector=Comms-Securit y=1200 Regards Robin Alden Comodo > -Original Message- >