On 13/02/17 23:53, Wayne Thayer wrote:
> Gerv - this makes sense and it is GoDaddy's intent to perform these steps
> within 3 months.
No significant objections have been put forward about this action plan,
and so I have filed a Bugzilla bug to track GoDaddy's implementation:
On 13/02/17 23:13, Santhan Raj wrote:
> One thing to highlight here is that the WebTrust audits are performed
> against the BRs and not against the root program requirements.
This is true, although (apart from the relative importance of domain
validation) this is similarly true of many items in
> -Original Message-
> From: dev-security-policy [mailto:dev-security-policy-
> bounces+wthayer=godaddy@lists.mozilla.org] On Behalf Of Gervase
> Markham via dev-security-policy
> Here is our proposed remediation plan for GoDaddy.
>
> 1) As with all CAs, update all their domain
On Monday, February 13, 2017 at 3:14:06 PM UTC-8, Santhan Raj wrote:
> On Monday, February 13, 2017 at 4:22:34 AM UTC-8, Gervase Markham wrote:
>
> > That is why, despite some IPR-related tangles, Mozilla will be requiring
> > in its next CA Communication that all CAs move to using only those
> >
On Monday, February 13, 2017 at 4:22:34 AM UTC-8, Gervase Markham wrote:
> That is why, despite some IPR-related tangles, Mozilla will be requiring
> in its next CA Communication that all CAs move to using only those
> documented methods in a fairly short timeframe, regardless of what the
> BRs
On 13/02/17 16:41, Nick Lamb wrote:
> GoDaddy came up with). Thus, even though some of the methods from
> Ballot 169 are not included in the Baseline Requirements today,
> Mozilla intends to oblige root programme members to pick from those
> ten methods.
Yes. And this is permitted by the BRs
On 13/02/17 14:34, Nick Lamb wrote:
> I don't think Ballot 169 represents best practices per se. Instead as
> with the rest of the Baseline Requirements what we have here are
> _minimums_, we aren't asking that CAs should do no more than what is
> described, but that they must do at least what is
On 13/02/2017 16:15, Jürgen Brauckmann via dev-security-policy wrote:
> Gervase Markham via dev-security-policy schrieb:
>> 1) As with all CAs, update all their domain validation code to use one
>> of the 10 approved methods;
>
> I'm probably confused regarding BRs pre/post Ballot 181: Aren't
On Monday, 13 February 2017 15:15:47 UTC, Jürgen Brauckmann wrote:
> I'm probably confused regarding BRs pre/post Ballot 181: Aren't there
> only 4 methods per Ballot 181?
>
> Jürgen
Ballot 169 identified exactly 10 methods. Although this ballot passed
unanimously, meaning that both CA members
Gervase Markham via dev-security-policy schrieb:
> 1) As with all CAs, update all their domain validation code to use one
> of the 10 approved methods;
I'm probably confused regarding BRs pre/post Ballot 181: Aren't there
only 4 methods per Ballot 181?
Jürgen
10 matches
Mail list logo
