On Tue, Sep 3, 2019 at 2:18 PM Santhan via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Thursday, August 29, 2019 at 4:37:04 PM UTC-7, Jacob Hoffman-Andrews
> wrote:
> > Also filed at https://bugzilla.mozilla.org/show_bug.cgi?id=1577652
> >
> > On 2019.08.28 we read App
On Thursday, August 29, 2019 at 4:37:04 PM UTC-7, Jacob Hoffman-Andrews wrote:
> Also filed at https://bugzilla.mozilla.org/show_bug.cgi?id=1577652
>
> On 2019.08.28 we read Apple’s bug report at
> https://bugzilla.mozilla.org/show_bug.cgi?id=1577014 about DigiCert’s OCSP
> responder returning i
On 03/09/2019 00:54, Ryan Sleevi wrote:
> On Mon, Sep 2, 2019 at 2:14 PM Alex Cohn via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> On Mon, Sep 2, 2019 at 12:42 PM Jakob Bohm via dev-security-policy <
>> dev-security-policy@lists.mozilla.org> wrote:
>>
>>> If an OCSP
On Mon, Sep 2, 2019 at 2:14 PM Alex Cohn via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Mon, Sep 2, 2019 at 12:42 PM Jakob Bohm via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > If an OCSP server supports returning (or always returns) pro
On Mon, Sep 2, 2019 at 1:36 PM Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On 02/09/2019 20:13, Alex Cohn wrote:
> > On Mon, Sep 2, 2019 at 12:42 PM Jakob Bohm via dev-security-policy <
> > dev-security-policy@lists.mozilla.org> wrote:
> >
> > Waiting until
On 02/09/2019 20:13, Alex Cohn wrote:
On Mon, Sep 2, 2019 at 12:42 PM Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
If an OCSP server supports returning (or always returns) properties of
the actual cert, such as the CT proofs, then it really cannot do its
us
On Mon, Sep 2, 2019 at 12:42 PM Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> If an OCSP server supports returning (or always returns) properties of
> the actual cert, such as the CT proofs, then it really cannot do its
> usual "good" responses until the proc
_
> From: dev-security-policy on
> behalf of Jeremy Rowley via dev-security-policy
>
> Sent: Saturday, August 31, 2019 9:05:24 AM
> To: Tomas Gustavsson ;
> mozilla-dev-security-pol...@lists.mozilla.org
>
> Subject: Re: 2019.08.28 Let’s Encrypt OCSP
On Friday, August 30, 2019 at 8:58:17 PM UTC+2, Ryan Sleevi wrote:
> On Fri, Aug 30, 2019 at 11:26 AM Jeremy Rowley via dev-security-policy <
> Despite all of the writing above, I'm too lazy to copy/paste my comment
> from the Let's Encrypt issue, but I would hope any CA contemplating things
> s
e confusing imo.
>
> From: dev-security-policy on
> behalf of Tomas Gustavsson via dev-security-policy
>
> Sent: Saturday, August 31, 2019 9:00:08 AM
> To: mozilla-dev-security-pol...@lists.mozilla.org
>
> Subject: Re: 2019.08.28 L
:24 AM
To: Tomas Gustavsson ;
mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: 2019.08.28 Let’s Encrypt OCSP Responder Returned “Unauthorized”
for Some Precertificates
I dont recall the cab forum ever contemplating or discussing ocsp for
precertificates. The requirement to provide
dev-security-policy
Sent: Saturday, August 31, 2019 9:00:08 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: 2019.08.28 Let’s Encrypt OCSP Responder Returned “Unauthorized”
for Some Precertificates
On Saturday, August 31, 2019 at 3:13:00 PM UTC+2, Jeremy Rowley wrote:
> &g
on allowing unathorized for "unknown" responses to
save on private key usage? (I'm unable to find it now)
>
> ____________
> From: dev-security-policy on
> behalf of Tomas Gustavsson via dev-security-policy
>
> Sent: Saturday, Au
You’re right. It could be any of the responses under RFC 6960.
From: Alex Cohn
Sent: Friday, August 30, 2019 7:22 PM
To: Jeremy Rowley
Cc: Jacob Hoffman-Andrews ;
mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: 2019.08.28 Let’s Encrypt OCSP Responder Returned “Unauthorized”
for
: Ryan Sleevi
Sent: Friday, August 30, 2019 12:58 PM
To: Jeremy Rowley
Cc: Jacob Hoffman-Andrews ;
mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: 2019.08.28 Let’s Encrypt OCSP Responder Returned “Unauthorized”
for Some Precertificates
On Fri, Aug 30, 2019 at 11:26 AM Jeremy Rowley
2 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: 2019.08.28 Let’s Encrypt OCSP Responder Returned “Unauthorized”
for Some Precertificates
Hi,
I find and hear a few non conclusive, sometimes contradictory, messages about
OCSP responder handling of pre-certificates with
Hi,
I find and hear a few non conclusive, sometimes contradictory, messages about
OCSP responder handling of pre-certificates without final certificates. Reading
this thread I don't find a firm conclusion either (albeit I may have missed it).
I'm not saying anything others have not said before,
On Fri, Aug 30, 2019 at 10:26 AM Jeremy Rowley via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Is our answer right though? I wasn't sure. I said "Good" because "a
> promise to issue a cert" could be considered the same issued. In that case
> the BRs say you must respond g
On Fri, Aug 30, 2019 at 11:26 AM Jeremy Rowley via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Is our answer right though? I wasn't sure. I said "Good" because "a
> promise to issue a cert" could be considered the same issued. In that case
> the BRs say you must respond g
Is our answer right though? I wasn't sure. I said "Good" because "a promise to
issue a cert" could be considered the same issued. In that case the BRs say you
must respond good. However, if "a promise to issue a certificate" is not the
same as issuance, the BRs don't apply to the OCSP until the
On 2019-08-30 12:14, Jakob Bohm wrote:
On 30/08/2019 01:36, Jacob Hoffman-Andrews wrote:
Also filed at https://bugzilla.mozilla.org/show_bug.cgi?id=1577652
On 2019.08.28 we read Apple’s bug report at
https://bugzilla.mozilla.org/show_bug.cgi?id=1577014 about DigiCert’s OCSP
responder returnin
On 30/08/2019 01:36, Jacob Hoffman-Andrews wrote:
> Also filed at https://bugzilla.mozilla.org/show_bug.cgi?id=1577652
>
> On 2019.08.28 we read Apple’s bug report at
> https://bugzilla.mozilla.org/show_bug.cgi?id=1577014 about DigiCert’s OCSP
> responder returning incorrect results for a precer
22 matches
Mail list logo