Hi Wyne
here our answers to the ==Bad== issues we are working on the ==Meh== ones.
1 * The inclusion request references a much older CPS [3] that doesn't list the
2016 versions of these roots or comply with current policies. I only reviewed
the newer CPS [5], but this CPS (section 1.2.1) doesn't
> * I am unable to locate a BR audit for the GCSR2016, but the websites trust
> bit has been requested. I first thought that this root was not intended for
> serverAuth, but section 1.2.1.4 of the CPS indicates that there is an “AC
> CAMERFIRMA GLOBAL FOR WEBSITES” subordinate CA that chains to thi
Hi Wayne
Here my answers to the ==Meh== questions.
1 * Camerfirma has had a number of recent compliance issues as listed below:
Resolved:
* Non-BR-compliant OCSP responders:
https://bugzilla.mozilla.org/show_bug.cgi?id=14262
Hi Ryan
Many thanks for your report. I will try to answer to your concerns about our
root inclusión.
> In attempt to discuss continued trust, I have attempted to summarize the
> patterns and issues of note, along with the timeline from reporting to
> remediation. It is my goal that this will allo
On Thursday, March 22, 2018 at 10:43:49 PM UTC+1, Ryan Sleevi wrote:
> On Thu, Mar 22, 2018 at 6:26 PM ramirommunoz--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > Hi Ryan
> > Many thanks for your report. I will try to answer to your
On Friday, March 23, 2018 at 4:20:51 PM UTC+1, Ryan Sleevi wrote:
> On Fri, Mar 23, 2018 at 1:12 PM ramirommunoz--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > On Thursday, March 22, 2018 at 10:43:49 PM UTC+1, Ryan Sleevi wrote:
> >
> ==Bad==
> * The inclusion request references a much older CPS [3] that doesn't list
> the 2016 versions of these roots or comply with current policies. I only
> reviewed the newer CPS [5], but this CPS (section 1.2.1) doesn't cover the
> older roots that are currently included. I believe this is
On Tuesday, March 27, 2018 at 10:37:07 PM UTC+2, Wayne Thayer wrote:
> Hi Ramiro,
>
> On Fri, Mar 23, 2018 at 11:52 AM, ramirommunoz--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > Hi Ryan
> >
> > Thanks again for you
On Wednesday, March 28, 2018 at 7:34:25 AM UTC+2, Adrian R. wrote:
> Hello
> can you please sign the PDF files on that site?
>
> the very first page of CPS_eidas_EN_v_1_2_3.pdf says
> "Document valid only in digital format digitally signed by the Policy
> Authority"
>
> but the PDF that i was of
El viernes, 30 de marzo de 2018, 17:06:35 (UTC+2), Wayne Thayer escribió:
> On Wed, Mar 28, 2018 at 3:45 AM, ramirommunoz--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> >
> > On Tuesday, March 27, 2018 at 10:37:07 PM UTC+2, Wayne Th
El domingo, 1 de abril de 2018, 16:29:08 (UTC+2), westm...@gmail.com escribió:
> Hi, Ramiro.
> But how will the problems persecuting your CA disappear, even if the root is
> sterile.
>
> Andrew
Thank you Andrew for your comment.
We have already solve the problems located in this bug, and devel
El lunes, 2 de abril de 2018, 3:53:08 (UTC+2), Tom Prince escribió:
> On Sunday, April 1, 2018 at 4:16:47 AM UTC-6, ramiro...@gmail.com wrote:
> > I fully understand the proposed solution about 2018 roots but as I
> > previously said some concerns arise, [...]
>
>
> That is unfortunate for Came
El martes, 3 de abril de 2018, 11:58:49 (UTC+2), okaphone.e...@gmail.com
escribió:
> On Monday, 2 April 2018 19:22:02 UTC+2, ramiro...@gmail.com wrote:
> > El lunes, 2 de abril de 2018, 3:53:08 (UTC+2), Tom Prince escribió:
> > > On Sunday, April 1, 2018 at 4:16:47 AM UTC-6, ramiro...@gmail.com
El martes, 3 de abril de 2018, 23:48:32 (UTC+2), okaphone.e...@gmail.com
escribió:
> On Tuesday, 3 April 2018 14:19:43 UTC+2, ramiro...@gmail.com wrote:
> > El martes, 3 de abril de 2018, 11:58:49 (UTC+2), okaphone.e...@gmail.com
> > escribió:
> > > On Monday, 2 April 2018 19:22:02 UTC+2, rami
El miércoles, 4 de abril de 2018, 4:10:16 (UTC+2), Matt Palmer escribió:
> On Tue, Apr 03, 2018 at 05:19:32AM -0700, ramirommunoz--- via
> dev-security-policy wrote:
> > Completely agree with you about that a new root by itself do not solve the
> > problem.
>
> The phra
Hi Wayne here you are a response to the qualified audits. As you remarks we
have include links to the previously reported bugs. We will keep you informed
about the remediation process plan. Sorry for the delay as you know Juan Angel
is the person in charge of this Work and is on vacation for so
El jueves, 20 de julio de 2017, 16:49:15 (UTC+2), Gervase Markham escribió:
> On 19/07/17 14:53, Alex Gaynor wrote:
> > I'd like to report the following instance of miss-issuance:
>
> Thank you. Again, I have drawn this message to the attention of the CAs
> concerned (Government of Venezuela and
El martes, 15 de agosto de 2017, 15:13:04 (UTC+2), Gervase Markham escribió:
> On 08/08/17 14:33, Alex Gaynor wrote:
> > Following up on this thread, 8 days ago I emailed Camerfirma, I have not
> > heard back from them, nor have they taken any action. What is the
> > appropriate next step here?
>
El jueves, 17 de agosto de 2017, 12:26:05 (UTC+2), ramiro...@gmail.com
escribió:
> El martes, 15 de agosto de 2017, 15:13:04 (UTC+2), Gervase Markham escribió:
> > On 08/08/17 14:33, Alex Gaynor wrote:
> > > Following up on this thread, 8 days ago I emailed Camerfirma, I have not
> > > heard bac
>
> Issuer: https://crt.sh/?caid=140
>Issuer O: AC Camerfirma SA CIF A82743287
> Issuer CN: Chambers of Commerce Root
> Subject CN: (id=1252) AC CAMERFIRMA AAPP
> (id=12625404) AC Camerfirma Express Corporate Server
>Serial #: 0d
> Certs: https://crt.sh/?id=1252
>
20 matches
Mail list logo