I personally do think that it matters to this forum. A CA - no matter what kind
of certificates it issues - must take revocation requests seriously and act
immediately, even if the email is sent to the wrong address. If an employee at
the help desk is unable to forward revocation requests, or
I have two improvement suggestions for the page crt.sh.
I often stumble across extentions or other kind of OIDs which are not
known/named by the system. For example the extention 18.104.22.168.22.214.171.124.24
(1) It would be great if all OIDs could automatically get a hyperlink pointing
thank you for your reply! I actually saw the github link, but I was't sure in
which repository I should open a ticket. As for the forum, I didn't knew it and
I don't see a link at crt.sh
I have posted an email there
I share the opinion with Jakob, except with the CVE. Please remove this change.
It is unnecessary and kills the EV market.
But if you insist on keeping that UI change, maybe you can at least give the
lock symbol a different color if it is an EV cert?
Am Sonntag, 18. August 2019 07:18:56 UTC+2 schrieb Matt Palmer:
> [...] From what I can see so far,
> browser vendors aren't "ending" EV certificates, a couple of them are merely
> modifying their UIs guided by relevant research into the efficacy (or lack
> thereof) of the current UI.
Please tell me if I understand this correctly...
Is it that DV and EV certificates now both show the same lock symbol?
That would be a great harm in my opinion. And I do not understand why you want
I think EV is very important and I explain why.
Let's look at following hypothetical
Is there an EV Policy OID assigned? I can't find it.
Am Mittwoch, 14. August 2019 00:42:44 UTC+2 schrieb Wayne Thayer:
> This request is for inclusion of the Microsoft RSA Root Certificate
> Authority 2017, Microsoft ECC Root Certificate Authority 2017, Microsoft EV
> RSA Root
I have a few more comments/annotations:
(1) Pro EV persons argue "Criminals have problems getting an EV certificate, so
most of them are using only DV certificates".
Anti EV persons argue "Criminals just don't use EV certificates, because they
know that end users don't look at the EV indicator
I am a bit shocked about this case.
The fact that this happened to someone would restrain myself from reporting key
Even though it is the company's fault to protect their private key, their
lawers still might sue the incident-reporter. A judge might not understand the
Am Freitag, 23. August 2019 00:50:35 UTC+2 schrieb Ronald Crane:
> On 8/22/2019 1:43 PM, kirkhalloregon--- via dev-security-policy wrote:
> Whatever the merits of EV (and perhaps there are some -- I'm not
> convinced either way) this data is negligible evidence of them. A DV
> cert is
> Okay... we know that people might now know what "TO" or "AX" means...
Typo: I meant "people might not know"
dev-security-policy mailing list
Mail list logo