Re: Audit Letter Validation (ALV) on intermediate certs in CCADB

2019-11-20 Thread Kathleen Wilson via dev-security-policy
On 11/19/19 4:59 PM, Kathleen Wilson wrote: Note: I will add a report to wiki.mozilla.org/CA/Intermediate_Certificates to list all of the intermediate certificates that have been added to OneCRL and their revocation status. This will enable the CA Community to identify which certificates have

PrintableString, UTF8String, and RFC 5280

2019-11-20 Thread Ryan Sleevi via dev-security-policy
In https://bugzilla.mozilla.org/show_bug.cgi?id=1593814 , Rob Stradling, Jeremy Rowley, and I started discussing possible steps that might be taken to prevent misencoding strings in certificates, and it seemed appropriate to shift this to a more general m.d.s.p. discussion, rather than solely on th

Re: Policy 2.7 Proposal: Clarify Section 5.1 ECDSA Curve-Hash Requirements

2019-11-20 Thread Wayne Thayer via dev-security-policy
On Thu, Nov 14, 2019 at 3:24 PM Wayne Thayer wrote: > On Fri, Nov 8, 2019 at 12:06 PM Ryan Sleevi wrote: > >> >> On Fri, Nov 8, 2019 at 1:54 PM Wayne Thayer via dev-security-policy < >> dev-security-policy@lists.mozilla.org> wrote: >> >>> A few more questions have come up about this change: >>>

Policy 2.7 Proposal: Update Minimum Versions of Audit Criteria

2019-11-20 Thread Wayne Thayer via dev-security-policy
The last change I am proposing for version 2.7 of the Mozilla Root Store policy is an update to the minimum versions of audit criteria that we will accept in audits. I have conferred with the WebTrust Task Force and was informed that we can update the minimum version requirements for audit statemen

WebTrust direct URLs to PDF audit statements will be down during site update

2019-11-20 Thread Kathleen Wilson via dev-security-policy
All, CPA Canada just informed me that the PDF file URLs that we use in the CCADB for WebTrust audits will be down for a while as they perform a site update. You will still be able to access the audit statements via the Seal files on the CA websites during this time. We apologize for the in

Re: PrintableString, UTF8String, and RFC 5280

2019-11-20 Thread Peter Gutmann via dev-security-policy
Ryan Sleevi via dev-security-policy writes: >In https://bugzilla.mozilla.org/show_bug.cgi?id=1593814 , Rob Stradling, >Jeremy Rowley, and I started discussing possible steps that might be taken to >prevent misencoding strings in certificates Is there any official position on strings that have c

Re: PrintableString, UTF8String, and RFC 5280

2019-11-20 Thread Ryan Sleevi via dev-security-policy
On Wed, Nov 20, 2019 at 9:48 PM Peter Gutmann wrote: > Ryan Sleevi via dev-security-policy > writes: > > >In https://bugzilla.mozilla.org/show_bug.cgi?id=1593814 , Rob Stradling, > >Jeremy Rowley, and I started discussing possible steps that might be > taken to > >prevent misencoding strings in

Re: PrintableString, UTF8String, and RFC 5280

2019-11-20 Thread Peter Gutmann via dev-security-policy
Ryan Sleevi writes: >Do you believe it’s still applicable in the Web PKI of the past decade? Yes, the specific cert I referenced is currently valid and passed WebTrust and EV audits. >If you could link to the crt.sh entry, that might be easier. Here's the Microsoft one I mentioned: Microsoft

Re: PrintableString, UTF8String, and RFC 5280

2019-11-20 Thread Ryan Sleevi via dev-security-policy
On Wed, Nov 20, 2019 at 10:54 PM Peter Gutmann wrote: > Ryan Sleevi writes: > > >Do you believe it’s still applicable in the Web PKI of the past decade? > > Yes, the specific cert I referenced is currently valid and passed WebTrust > and > EV audits. > "Passed" is... a bit misleading as to the (l

Re: PrintableString, UTF8String, and RFC 5280

2019-11-20 Thread Peter Gutmann via dev-security-policy
Ryan Sleevi writes: >I don't think the hyperbole helps here. It wasn't hyperbole, it was extreme surprise. When someone told me about this I couldn't believe it was still happening after the massive amount of publicity it got at the time, so it was more a giant "WTF?!??" than anything else. Ot