Michael Ströder wrote:
This whole issue cannot be resolved on this mailing list. Very likely
Entrust takes $$$ from the sub-CAs. So they are in charge of clarifying
this with their sub-CAs. If I'd be a representative of the Mozilla
foundation I'd write them an e-mail with some critical
Eddy Nigg (StartCom Ltd.) wrote:
Frank Hecker:
snip
Eddy, I think it would be unwise (to put it mildly) to make a major change
like
disabling Entrust's email trust bit in a rush. We have no idea at this point
what the impact of a change like that would be. And in any case the change is
Frank Hecker:
So let me make my own views clear on two points that you made on we ma
have some opposing views:
OK
First, with respect to the impact of turning off the Entrust email trust
bit, my concern is as follows: There may Entrust-controlled subordinates
under the Entrust root that
I tried to find out about requirements in the Entrust CPS
(http://www.entrust.net/CPS/pdf/webcps051404.pdf) however couldn't find
any regulation concerning cross-signing. Maybe this is covered in a
different document of theirs.
However I also couldn't find any regulation concerning S/MIME and
At 10:48 AM -0400 5/2/08, Frank Hecker wrote:
On Fri, May 2, 2008 at 8:08 AM, Eddy Nigg (StartCom Ltd.)
[EMAIL PROTECTED] wrote:
In comment https://bugzilla.mozilla.org/show_bug.cgi?id=431621#c5 the
representative of DigiNotar (Kick) notes that their CA root has been
cross-signed by
Paul Hoffman:
There is also a policy question of whether or not Entrust's CPS says
what cross-signing means in a way that both we and the auditors can
understand. On its face (without having read the documents), I think
it sounds pretty shaky to have a CA saying you can trust that other
CA to
The inclusion of DigiNotar is raising more issues, which I think is very
good for us.
In comment https://bugzilla.mozilla.org/show_bug.cgi?id=431621#c5 the
representative of DigiNotar (Kick) notes that their CA root has been
cross-signed by Entrust. Now this effectively circumvented our
On Fri, May 2, 2008 at 8:08 AM, Eddy Nigg (StartCom Ltd.)
[EMAIL PROTECTED] wrote:
In comment https://bugzilla.mozilla.org/show_bug.cgi?id=431621#c5 the
representative of DigiNotar (Kick) notes that their CA root has been
cross-signed by Entrust. Now this effectively circumvented our policy in
Frank Hecker:
DigiNotar is not alone in having a root cross-signed by Entrust;
No, of course not. However in this specific case we have facts which
require additional actions (such as reviewing the situation, evaluation
thereof and eventual consequences).
this
was apparently fairly
9 matches
Mail list logo
