Re: Miss-issuance: URI in dNSName SAN

2017-08-17 Thread ramirommunoz--- via dev-security-policy
El martes, 15 de agosto de 2017, 15:13:04 (UTC+2), Gervase Markham escribió: > On 08/08/17 14:33, Alex Gaynor wrote: > > Following up on this thread, 8 days ago I emailed Camerfirma, I have not > > heard back from them, nor have they taken any action. What is the > > appropriate next step here? >

Re: Miss-issuance: URI in dNSName SAN

2017-08-17 Thread ramirommunoz--- via dev-security-policy
El jueves, 17 de agosto de 2017, 12:26:05 (UTC+2), ramiro...@gmail.com escribió: > El martes, 15 de agosto de 2017, 15:13:04 (UTC+2), Gervase Markham escribió: > > On 08/08/17 14:33, Alex Gaynor wrote: > > > Following up on this thread, 8 days ago I emailed Camerfirma, I have not > > > heard

Re: Miss-issuance: URI in dNSName SAN

2017-07-22 Thread ramirommunoz--- via dev-security-policy
El jueves, 20 de julio de 2017, 16:49:15 (UTC+2), Gervase Markham escribió: > On 19/07/17 14:53, Alex Gaynor wrote: > > I'd like to report the following instance of miss-issuance: > > Thank you. Again, I have drawn this message to the attention of the CAs > concerned (Government of Venezuela and

Re: AC Camerfirma's CP & CPS disclosure

2018-09-04 Thread ramirommunoz--- via dev-security-policy
Hi Wayne here you are a response to the qualified audits. As you remarks we have include links to the previously reported bugs. We will keep you informed about the remediation process plan. Sorry for the delay as you know Juan Angel is the person in charge of this Work and is on vacation for

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-03-12 Thread ramirommunoz--- via dev-security-policy
Hi Wayne Here my answers to the ==Meh== questions. 1 * Camerfirma has had a number of recent compliance issues as listed below: Resolved: * Non-BR-compliant OCSP responders:

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-03-06 Thread ramirommunoz--- via dev-security-policy
Hi Wyne here our answers to the ==Bad== issues we are working on the ==Meh== ones. 1 * The inclusion request references a much older CPS [3] that doesn't list the 2016 versions of these roots or comply with current policies. I only reviewed the newer CPS [5], but this CPS (section 1.2.1)

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-04-03 Thread ramirommunoz--- via dev-security-policy
El martes, 3 de abril de 2018, 11:58:49 (UTC+2), okaphone.e...@gmail.com escribió: > On Monday, 2 April 2018 19:22:02 UTC+2, ramiro...@gmail.com wrote: > > El lunes, 2 de abril de 2018, 3:53:08 (UTC+2), Tom Prince escribió: > > > On Sunday, April 1, 2018 at 4:16:47 AM UTC-6,

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-04-04 Thread ramirommunoz--- via dev-security-policy
El miércoles, 4 de abril de 2018, 4:10:16 (UTC+2), Matt Palmer escribió: > On Tue, Apr 03, 2018 at 05:19:32AM -0700, ramirommunoz--- via > dev-security-policy wrote: > > Completely agree with you about that a new root by itself do not solve the > > problem. > > T

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-04-04 Thread ramirommunoz--- via dev-security-policy
El martes, 3 de abril de 2018, 23:48:32 (UTC+2), okaphone.e...@gmail.com escribió: > On Tuesday, 3 April 2018 14:19:43 UTC+2, ramiro...@gmail.com wrote: > > El martes, 3 de abril de 2018, 11:58:49 (UTC+2), okaphone.e...@gmail.com > > escribió: > > > On Monday, 2 April 2018 19:22:02 UTC+2,

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-03-28 Thread ramirommunoz--- via dev-security-policy
On Wednesday, March 28, 2018 at 7:34:25 AM UTC+2, Adrian R. wrote: > Hello > can you please sign the PDF files on that site? > > the very first page of CPS_eidas_EN_v_1_2_3.pdf says > "Document valid only in digital format digitally signed by the Policy > Authority" > > but the PDF that i was

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-04-01 Thread ramirommunoz--- via dev-security-policy
El domingo, 1 de abril de 2018, 16:29:08 (UTC+2), westm...@gmail.com escribió: > Hi, Ramiro. > But how will the problems persecuting your CA disappear, even if the root is > sterile. > > Andrew Thank you Andrew for your comment. We have already solve the problems located in this bug, and

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-04-01 Thread ramirommunoz--- via dev-security-policy
El viernes, 30 de marzo de 2018, 17:06:35 (UTC+2), Wayne Thayer escribió: > On Wed, Mar 28, 2018 at 3:45 AM, ramirommunoz--- via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > > > > On Tuesday, March 27, 2018 at 10:37:07 PM UTC+2, Wayne Th

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-04-02 Thread ramirommunoz--- via dev-security-policy
El lunes, 2 de abril de 2018, 3:53:08 (UTC+2), Tom Prince escribió: > On Sunday, April 1, 2018 at 4:16:47 AM UTC-6, ramiro...@gmail.com wrote: > > I fully understand the proposed solution about 2018 roots but as I > > previously said some concerns arise, [...] > > > That is unfortunate for

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-03-28 Thread ramirommunoz--- via dev-security-policy
On Tuesday, March 27, 2018 at 10:37:07 PM UTC+2, Wayne Thayer wrote: > Hi Ramiro, > > On Fri, Mar 23, 2018 at 11:52 AM, ramirommunoz--- via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > > Hi Ryan > > > > Thanks again for

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-03-22 Thread ramirommunoz--- via dev-security-policy
Hi Ryan Many thanks for your report. I will try to answer to your concerns about our root inclusión. > In attempt to discuss continued trust, I have attempted to summarize the > patterns and issues of note, along with the timeline from reporting to > remediation. It is my goal that this will

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-03-23 Thread ramirommunoz--- via dev-security-policy
On Friday, March 23, 2018 at 4:20:51 PM UTC+1, Ryan Sleevi wrote: > On Fri, Mar 23, 2018 at 1:12 PM ramirommunoz--- via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > > On Thursday, March 22, 2018 at 10:43:49 PM UTC+1, Ryan Sleevi wrote: > >

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-03-23 Thread ramirommunoz--- via dev-security-policy
On Thursday, March 22, 2018 at 10:43:49 PM UTC+1, Ryan Sleevi wrote: > On Thu, Mar 22, 2018 at 6:26 PM ramirommunoz--- via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > > Hi Ryan > > Many thanks for your report. I will try to answer to your

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

2018-03-06 Thread ramirommunoz--- via dev-security-policy
> * I am unable to locate a BR audit for the GCSR2016, but the websites trust > bit has been requested. I first thought that this root was not intended for > serverAuth, but section 1.2.1.4 of the CPS indicates that there is an “AC > CAMERFIRMA GLOBAL FOR WEBSITES” subordinate CA that chains to