On Friday, February 17, 2017 at 7:50:31 PM UTC-5, uri...@gmail.com wrote:
> On Friday, February 17, 2017 at 7:23:54 PM UTC-5, Ryan Sleevi wrote:
> > I have confirmed with CPA
> > Canada that at during the 2016 and 2017 periods, EY Brazil was not a
> > licensed WebTrust practitioner, as indicated
On Friday, February 17, 2017 at 7:23:54 PM UTC-5, Ryan Sleevi wrote:
> I have confirmed with CPA
> Canada that at during the 2016 and 2017 periods, EY Brazil was not a
> licensed WebTrust practitioner, as indicated at .
On Friday, February 17, 2017 at 10:19:06 PM UTC-5, Ryan Sleevi wrote:
> On Fri, Feb 17, 2017 at 5:17 PM, urijah--- via dev-security-policy <
> email@example.com> wrote:
> > On Friday, February 17, 2017 at 7:50:31 PM UTC-5, uri...@gmail.com wrote:
Does anyone have further information about this?
dev-security-policy mailing list
For what it's worth, this is the latest post on facebook from the researcher.
The private key storage issue sounds like a reseller tool, like
and he found the private key was stored
I think page 8 of their manual at least partially explains how and what
"QuickInvite" is. The whole document is rather interesting...
On Saturday, April 1, 2017 at 6:01:23 AM UTC-4, Nick Lamb wrote:
> On Friday, 31 March
>Within a few days of discovering these issues they shut down their
>entire RA program. That seems pretty swift and comprehensive to me. The
>fact that they didn't discover these issues for years is clearly a
>problem, but it's not the same problem.
I don't believe that's a fair
Is there an expectation of a resolution of some sort to this matter?
Also, their most recent audit is apparently overdue (perhaps related to the
On Thursday, March 16, 2017 at 7:00:51 AM
Did you communicate to your customers over the last 6 months that their
existing certificates may become distrusted? Or did they find out when their
sites stopped working in Chrome?
On Friday, April 28, 2017 at 4:19:01 AM UTC-4, Richard Wang wrote:
> Hi Ryan,
> For your
Can this be responded to more directly and comprehensively please?
Are there any staff or personnel being shared between WoSign and Startcom?
This includes any staff from (or paid by) Qihoo 360 its subsidiaries,
contractors, or affiliates--does anyone do any work (paid or unpaid) for both
It's useful to note that Outlook 2007 leaves extended support on October 10.
(That deadline has been extended a few times, I believe, but this should be the
On Monday, May 15, 2017 at
Possibly this is irrelevant, but I have some concerns on how Symantec, it seems
to me, is willfully mischaracterizing their certificate compliance issues in
their prepared remarks to their investors yesterday.
It makes it sound as if there are some generic certificate industry changes
The link in footnote 
gives me a 404 error.
On Monday, May 15, 2017 at 11:09:41 AM UTC-4, Steve Medin wrote:
> Our response to the recent questions is posted at:
On Monday, May 8, 2017 at 7:21:46 AM UTC-4, okaphone.e...@gmail.com wrote:
> Hi Rick,
> I don't see a "May 4th post". Where was it posted? Not here it seems.
It's above--it links to
> Also it's reasonable that
It may be necessary to expand that definition to intermediates that were
capable of issuing certificates within the past year (or longer).
On Monday, May 8, 2017 at 9:31:21 AM UTC-4, Alex Gaynor wrote:
> I'm not the best way to phrase this, so please forgive the bluntness, but I
> think it'd be
Why does the document say "Date: 11/07/17" on every page, and the signed pdf
On Tuesday, September 26, 2017 at 4:56:36 PM UTC-4, alejand...@gmail.com wrote:
> In the following link you can find the CPS in
Is Trustico's storage of private keys related to this security report from a
few months back (which did not appear to ever have been fully investigated...)?
Does Digicert have (or will it have) some sort of
Mail list logo