Le 15/03/2018 à 20:04, Wayne Thayer a écrit :
This incident, and the resulting action to "integrate GlobalSign's certlint
and/or zlint into our existing cert-checker pipeline" has been documented
in bug 1446080 [1]
This is further proof that pre-issuance TBS certificate linting (either by
This incident, and the resulting action to "integrate GlobalSign's certlint
and/or zlint into our existing cert-checker pipeline" has been documented
in bug 1446080 [1]
This is further proof that pre-issuance TBS certificate linting (either by
incorporating existing tools or using a comprehensive
On Thu, Mar 15, 2018 at 12:22 PM, Tom via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Should another bug be opened for the certificate issued by IdenTrust with
> apparently the same encoding problem?
>
> Yes - this is bug 1446121 (
I think this discussion has made it clear that the request for inclusion of
the TunRootCA2 root should be denied.
CAs inherently must be trusted, and trust must be earned. A CA can't simply
fix one problem after another as we find them during the inclusion process
and expect to be rewarded for
This mis-issuance incident was reported by Cybertrust Japan (CTJ), an
intermediate CA of DigiCert.
(https://bugzilla.mozilla.org/show_bug.cgi?id=1445857)
Here's the incident report:
1.How your CA first became aware of the problem (e.g. via a problem report
submitted to your Problem
On 16/03/2018 05:28, Ben Wilson wrote:
This mis-issuance incident was reported by Cybertrust Japan (CTJ), an
intermediate CA of DigiCert.
(https://bugzilla.mozilla.org/show_bug.cgi?id=1445857)
Here's the incident report:
1.How your CA first became aware of the problem (e.g. via a
On Thursday, 15 March 2018 04:30:22 UTC+1, syri...@gmail.com wrote:
> Dear Wayne,
> Based on the long discussion regarding our request, I would appreciate having
> your opinion on the following:
> Move to a new root based on EJBCA (Enterprise License) and conduct a new
> audit with a new
Hi Ryan, thanks for your reply
I'm afraid I didn't make my question clear enough or that i was missing
something in the link you sent to me
what I am asking is this:
in a subscriber certificate under subject
every CA i saw puts a CN=domain name
what I understand from the BR is that the best
On Thu, Mar 15, 2018 at 7:37 AM YairE via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Hi Ryan, thanks for your reply
>
> I'm afraid I didn't make my question clear enough or that i was missing
> something in the link you sent to me
>
> what I am asking is this:
> in a
9 matches
Mail list logo