Hi Eddy,
On Nov 21, 10:37 pm, Eddy Nigg [EMAIL PROTECTED] wrote:
On 11/21/2008 10:12 PM, kgb:
Only validated and approved domain names can be included
in a cert, whether in the Subject DN or the SAN.
It is the default template, and best practice that the SAN
(e.g. RFC822, dnsName
Hi Eddy,
On Nov 21, 12:36 am, Eddy Nigg [EMAIL PROTECTED] wrote:
On 11/20/2008 06:34 PM, kb:
Probably the most important change in stated practice, is that it is
reflected that every CA is audited at least once annually. This is the
case for all active CAs.
Kevin, thanks for
Hi Frank,
On Nov 20, 9:21 pm, Frank Hecker [EMAIL PROTECTED] wrote:
Eddy Nigg wrote:
The Wisekey case could be where we might draw the line.
I'm not sure exactly which message (of mine or someone else's) you're
responding to.
In any case I don't think there's a bright line between the
Hi Eddy,
On Nov 21, 8:16 pm, Eddy Nigg [EMAIL PROTECTED] wrote:
On 11/21/2008 05:16 PM, kgb:
Frank, I agree with you.
Our CA controls, audits, etc. are
designed to ensure that all identities are validated appropriately
prior to
certificate issuance. BlackBox CAs are an extremely
On Nov 18, 2:54 am, Eddy Nigg [EMAIL PROTECTED] wrote:
On 11/14/2008 11:12 PM, Frank Hecker:
...in the short term I'm going to try to restart CA public
In this particular case I think that the practice in question doesn't
meet the requirements of the Mozilla CA policy. This includes in
5 matches
Mail list logo
