In accordance with the CA inclusion process,[1] this is a summary of the
public discussion of Microsec’s application for inclusion of the e-Szigno
Root CA 2017 into the Mozilla root store, and to EV enable it and the
currently-included e-Szigno Root CA 2009. The request is documented in
Bugzilla
ates shall be created under, at least, dual control.
> >
> > I'd like to see an explanation of these non-conformities and the
> > remediation from certSIGN, and confirmation from LSTI that they have been
> > fixed.
> >
> > - Wayne
> >
> > [1
Thanks, Corey.
I've added this as a matter to consider in a future version of the Root
Store Policy. https://github.com/mozilla/pkipolicy/issues/215
On Thu, May 21, 2020 at 7:23 PM Corey Bonnell via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> While I realize the current
Mozilla votes "Yes"
On Mon, May 18, 2020 at 9:30 AM Dimitris Zacharopoulos (HARICA) via Public <
public@cabforum.org> wrote:
> The following motion has been proposed by Dimitris Zacharopoulos of HARICA
> and endorsed by Mike Reilly of Microsoft and Tim Hollebeek of Digicert.
>
> *Purpose of
Perhaps you addressed this, but how would IO.error behave when not
compiling things? How would it behave if you remote console into a running
system and call IO.error?
On Monday, May 11, 2020 at 11:33:40 PM UTC-4, Dallin Osmun wrote:
>
> I understand at first glance this proposal might not seem
Just an FYI - I've also started a thread on the CA/Browser Forum list to
see about establishing OCSP uptime requirements in the Baseline
Requirements.
On Mon, May 11, 2020 at 5:45 AM Kurt Roeckx via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On 2020-05-08 21:03, Wayne
This request is for inclusion of the certSIGN Root CA G2 certificate and to
turn on the Websites trust bit and for EV treatment.
The request is documented in Bugzilla and in the CCADB as follows:
https://bugzilla.mozilla.org/show_bug.cgi?id=1403453
Dear Andrew,
The purpose of my email was to alert the Mozilla community of a COVID-19
concern as it arose and to start/continue a dialogue on these COVID-19
matters. I was hoping to get some general feedback to help guide our
COVID-19 policy.
I appreciate the feedback so far. As mentioned in
All,
Section 3.2.2.4.3 of the BRs says, "CAs SHALL NOT perform validations using
this method after May 31, 2019. Completed validations using this method
SHALL continue to be valid for subsequent issuance per the applicable
certificate data reuse periods." If that is 825 days, then would that be
broader exceptions for COVID-19 issues, e.g. enlarge the
scope of the delayed-audit approach to include other non-conformities/other
issues and not require immediate certificate revocations
I look forward to hearing your opinions and suggestions.
Sincerely yours,
Ben Wilson
Endnotes:
[1] https
such updates
will include additions to section 1.5.2 as required by Section 4.9.3 of the
Baseline Requirements.
Could you please clarify if and when section 1.5.2 will be updated?
Thanks.
Sincerely yours,
Ben Wilson
Mozilla Root Program
-
BR section 4.9.3 requires CPS section 1.5.2
Thanks, Kathleen
I'm really excited to begin working with all of you!
Cheers and stay safe,
Ben Wilson
On Mon, Apr 13, 2020 at 11:07 AM Kathleen Wilson via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
>
> All,
>
> I am pleased to announce that Ben
Hi Adam,
I believe this functionality already exists in the form of this function
and others with the "chunk" name.
https://hexdocs.pm/elixir/Enum.html#chunk_every/2
- Ben
On Sunday, March 29, 2020 at 5:58:19 AM UTC-4, Adam Lancaster wrote:
>
> Hello,
>
> Elixir is great. The Enum module is
Hi Eric,
Whether or not this is functionally equivalent to split_with depends on how
it handles non unique lists, eg:
Enum.pop_by([1,2,2,3], fn x -> x == 2 end)
If it returns
{2, [1, 2, 3]}
Then it is definitely at least different.
This almost seems better suited for the List module. Map and
ut. *
>
> -bt
>
>
>
> On Tue, Feb 4, 2020 at 8:58 AM Amos King > wrote:
>
>> Ben,
>>
>> That is how const is used in Haskell. Although without currying I don’t
>> see how it is useful. I’m waiting to see an example that drives it home. I
>> agr
,
because you could do:
```
Enum.map([1,2,3,4], (&1, :foo))
```
which would return `[:foo, :foo, :foo, :foo]` effectively replacing the
contents of the list with all `:foo`. Is that the idea?
On Tuesday, February 4, 2020 at 8:16:53 AM UTC-5, Ben Wilson wrote:
>
> I agree with Michal. Additio
I agree with Michal. Additionally, I'm not clear how `const/1` could be
used in Bruce's example at all.
To elaborate, `fn -> foo() end` and `const(foo())` cannot be equivalent
when `const/1` is merely a function. This becomes readily apparent when
`foo()` is side effects or side causes. In
We are still accepting applications for the funded PhD "Unlocking the enigma of
Scottish harbour porpoise fine-scale habitat
use<https://www.findaphd.com/phds/project/unlocking-the-enigma-of-scottish-harbour-porpoise-fine-scale-habitat-use/?p115212>"
Work in Scotland with Ben
I think it's the other way around. Thanksgiving in the U.S. is on the 28th.
-Original Message-
From: Public On Behalf Of Dimitris
Zacharopoulos (HARICA) via Public
Sent: Monday, November 11, 2019 12:23 AM
To: public@cabforum.org
Subject: [cabfpub] Cancel CA/B Forum teleconference
I really like this feature idea. Often you don't know or expect that a
particular function will take so long, and it's precisely at that point
that you go "man, I wish I had timed that". Particularly if the function is
doing a side effect, it may be non trivial to try again.
Perhaps if the
FWIW We have an earliest_date and latest_date helper in almost every Elixir
app we've built. The Enum.sort solution requires requires too many leaps to
be at a glance readable if it's been a bit since you used DateTime.compare.
Definitely a fan of including this.
On Thursday, October 10, 2019
FORUM-10: Re-charter Forum
Infrastructure Working Group
The following ballot is proposed by Jos Purvis of Cisco, endorsed by Wayne
Thayer of Mozilla and Ben Wilson of DigiCert. Voting begins at 2100 UTC 30
September 2019 and runs through 2100 UTC 7 October 2019.
Ballot Forum-10: Re-c
This function is really good as an exercise for new programmers to
implement, for sure. In terms of regular workflows, how often does this
exact function really come up? Given that it's only three lines to
implement, I'm not sure that adding it to the standard library contributes
much towards
I thought that the EKU "id-kp-OCSPSigning" was for the OCSP responder
certificate itself (not the CA that issues the OCSP responder certificate).
I don't think I've encountered a problem before, but I guess it would depend
on the implementation?
-Original Message-
From:
I think having Enum.filter(list, /1) actually reads
pretty well. It avoids the issue with putting it in Kernel, and provides a
very explicit name which speaks to Bruce's goal of naming concepts.
On Tuesday, July 30, 2019 at 12:47:08 PM UTC-4, Allen Madsen wrote:
>
> I don't have a strong
The presence of rarely used functions is not an argument for the addition
of further rarely used functions.
On Wednesday, July 24, 2019 at 1:05:59 PM UTC-4, Mário Guimarães wrote:
>
> It seems this function was proposed here
> https://github.com/elixir-lang/elixir/pull/5917
>
> and dropped
That approach could work.
From: Wayne Thayer
Sent: Friday, May 3, 2019 1:19 PM
To: Ben Wilson
Cc: Andrew Ayer ; Corey Bonnell ;
mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Unretrievable CPS documents listed in CCADB
On Fri, May 3, 2019 at 8:36 AM Ben Wilson via dev
I'm against having to continually update the exact URL of the CP and CPS in the
CCADB. It's pretty easy to find the current CP and CPS from a legal
repository. Plus, if we point to an exact one in the CCADB, it might not be
the one that is applicable to a given certificate that was issued
Thanks!
To answer your question: the screen is not a touchscreen.
On Thu, Apr 18, 2019 at 1:09 PM Ben Finney
wrote:
> Ben Wilson writes:
>
> > Hey all... I'm making a VoIP mobile phone that runs Python apps. The
> > firmware will be open. Wanted to share and get the wo
Hey all... I'm making a VoIP mobile phone that runs Python apps. The
firmware will be open. Wanted to share and get the word out.
I wanted a phone that lets hackers do what they want (instead of trapping
you in a walled garden, huge IDE, non-serviceable design, etc.). The
hardware is also meant
Hey all... I'm making a VoIP mobile phone that runs Python apps. The
firmware will be open. Wanted to share and get the word out.
I wanted a phone that lets hackers do what they want (instead of trapping
you in a walled garden, huge IDE, non-serviceable design, etc.). The
hardware is also meant
Hey all... I'm making a VoIP mobile phone that runs Python apps. The
firmware will be open. Wanted to share and get the word out.
I wanted a phone that lets hackers do what they want (instead of trapping
you in a walled garden, huge IDE, non-serviceable design, etc.). The
hardware is also meant
Can you elaborate for those of us with less context? What is tree-sitter?
What are you proposing?
On Thursday, March 28, 2019 at 10:10:14 PM UTC-4, João Paulo Silva de Souza
wrote:
>
> Seems like I wrongly opened an issue instead of posting here first ->
>
nt of code signing certificates
(https://cabforum.org/wp-content/uploads/Code-Signing-Requirements-2015-11-19.pdf;
https://cabforum.org/2015/12/17/ballot-158).
It is proposed by Ben Wilson of DigiCert and endorsed by Mike Reilly of
Microsoft and Bruce Morton of Entrust Datacard that the For
I feel that I’ve followed the ballot rules, and I am assuming that this is a
valid ballot with the comment period ending and voting beginning Friday,
1-March-2019 at 0100 UTC.
From: Public On Behalf Of Ben Wilson via Public
Sent: Friday, February 22, 2019 9:17 AM
To: Dimitris Zacharopoulos
://cabforum.org/2015/12/17/ballot-158).
It is proposed by Ben Wilson of DigiCert and endorsed by Mike Reilly of
Microsoft and Bruce Morton of Entrust Datacard that the Forum charter a working
group to operate in accordance with the Scope and other provisions that follow.
This Charter will take
Ideally,
> if possible, we can use a property-based test to validate that inverting
> the map 2 times will always returns the initial map.
>
> What are your thoughts?
>
> Thanks,
>
> Justin
>
>
> On Thursday, February 7, 2019 at 5:45:49 AM UTC-7, Andrea Leopar
Map.invert is at least largely harmless, unlike some of the other proposals
that happen. It's still a little odd to me to have a function that boils
down to just:
Map.new(map, fn {k, v} -> {v, k} end)
Honestly that is almost clearer if you've never heard the word "invert"
with respect to
We believe this issue has been fixed.
From: Ben Wilson
Sent: Sunday, January 27, 2019 2:22:45 PM
To: Corey Bonnell; mozilla-dev-security-pol...@lists.mozilla.org
Subject: RE: Incorrect OCSP status for revoked intermediates
Thanks, Corey. As I said, we'll try
...@lists.mozilla.org
Subject: Re: Incorrect OCSP status for revoked intermediates
On Sunday, January 27, 2019 at 4:09:44 PM UTC-5, Ben Wilson wrote:
> I'll look into this immediate, but have you checked to see whether
> these certificates have OCSP AIAs in them? Or did you find these by
> searching
I'll look into this immediate, but have you checked to see whether these
certificates have OCSP AIAs in them? Or did you find these by searching our
CRLs.
-Original Message-
From: dev-security-policy On
Behalf Of Corey Bonnell via dev-security-policy
Sent: Sunday, January 27, 2019 8:50
Here is a draft Code Signing Certificate WG Charter. Please provide your
comments.
https://docs.google.com/document/d/11mtnfCIeXJTX3EDz0wjV0-bigcjatC-kNJf0Uh6cMwk/edit?usp=sharing
Thanks,
Ben Wilson
___
Public mailing list
Public
Here is a draft SMIME WG Charter. Please provide your comments.
https://docs.google.com/document/d/1vEswtzzMm0_G0ujoAT5ChiajyqfRfDTydG9Nmsc-eo4/edit?usp=sharing
Thanks,
Ben Wilson
___
Public mailing list
Public@cabforum.org
https
I don't really agree that it makes the intent clearer. It combines two
distinct and unrelated activities. One takes the sum of a list, the other
maps each value in a list to some other value. list |> Enum.map(& &1 * 2)
|> Enum.sum expresses this perfectly. If you're going for lolspeed and need
As mentioned on today's call - please contact me off-list if you're
interested in helping draft the charters for the two above-listed working
groups.
smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
Jakob Bohm wrote "Each of these arguments for maximum punishment and/or
maximum inconvenience for innocent bystanders is backed by a formal/legal
interpretation of existing rules as making this the only possible outcome."
I'd agree - heavy-handed, strict enforcement of some rules unnecessarily
and Interested Parties. It is proposed by Ben Wilson of DigiCert and
endorsed by _ of _ and _ of __ that the Forum charter a
working group to operate in accordance with the Scope and other provisions
that follow. This Charter will take effect upon approval of the CAB Forum
by ballot
The current version of the Bylaws (v.2.0) are posted on the Website here -
https://cabforum.org/bylaws/
The PDF and Word versions are here: https://cabforum.org/wiki/Bylaws
The Github version has been updated and is available here -
VOTING HAS STARTED.
DigiCert votes "YES"
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson
via Public
Sent: Wednesday, September 5, 2018 9:35 PM
To: CABFPub mailto:public@cabforum.org> >
Subject: [EXTERNAL][cabfpub] Ballot Forum-2 - Chair and
, September 11, 2018 9:07 AM
To: Ben Wilson ; CA/Browser Forum Public Discussion
List ; Jos Purvis (jopurvis)
Subject: RE: [cabfpub] Forum Infrastructure Working Group: Initial Meeting and
Declarations
Me.
I didn’t sign up on the wiki b/c DigiCert already joined through Ben’s signup.
-Tim
Just a reminder –
Jos, Ryan, Wayne, Moudrick and Dimitris have signed up so far on the wiki for
the Infrastructure WG.
Other takers?
From: Public On Behalf Of Ben Wilson via Public
Sent: Friday, August 31, 2018 12:00 PM
To: Jos Purvis (jopurvis) ; CA/Browser Forum Public
oses.
>
> *-Motion begins-*
>
> The two candidates for Chair of the CA/Browser Forum for a term
> commencing on November 1, 2018 and continuing through October 31, 2020
are:
>
> 1.Ben Wilson
>
> 2.Dimitris Zacharopoulos
>
> _Please send your vote to
Ballot Forum-2 - Chair and Vice-Chair Term Extensions
Ben Wilson of DigiCert calls the following proposed ballot to be published
for discussion and comment by the CABF membership.
Dimitris Zacharopoulos of HARICA and Jos Purvis of Cisco have endorsed the
proposed ballot.
Explanation
Thanks, Jos. I’ve signed up and indicated on Doodle that I’m pretty much
available except Thursday mornings when we have some of our other CABF calls.
From: Public On Behalf Of Jos Purvis (jopurvis)
via Public
Sent: Friday, August 31, 2018 10:31 AM
To: CA/B Forum Public List
Subject:
Hi.
I'm Ben Wilson.
Many of you know me, but for those who may not, I am DigiCert's VP of
Compliance and have worked in PKI for approximately 20 years during which I
have been an active participant in the work of the CA/Browser Forum (CAB
Forum) and have held a variety of CABF leadership
Final Minutes for Server Certificate Working Group Teleconference - 9 August
2018
Attendees:
1. Roll Call. The roll call occurred on the previous Forum teleconference.
2. Read Antitrust Statement. Reading of the Antitrust Statement occurred
on the previous Forum teleconference.
Final Minutes for CA/Browser Forum Teleconference - 9 August 2018
Attendees: Arno Fiedler (D-TRUST), Atsushi Inaba (GlobalSign), Ben Wilson
(DigiCert), Corey Bonnell (Trustwave),Daymion Reynolds (GoDaddy), Dean
Coclin (DigiCert), Devon O'Brien (Google), Dimitris Zacharopoulos (HARICA),
Doug
What about all of the other audit firms?
From: Wayne Thayer
Sent: Wednesday, August 15, 2018 1:09 PM
To: Ben Wilson
Cc: Ryan Sleevi ; mozilla-dev-security-policy
Subject: Re: Misissuance and BR Audit Statements
I went ahead and noted these DigiCert audits as a concern on the CCADB
Re-sending
-Original Message-
From: Ben Wilson
Sent: Wednesday, August 15, 2018 8:34 AM
To: 'r...@sleevi.com' ; Wayne Thayer
Cc: mozilla-dev-security-policy
Subject: RE: Misissuance and BR Audit Statements
Thanks, Ryan and Wayne,
Going forward we'll work to improve our management
Thanks, Ryan and Wayne,
Going forward we'll work to improve our management letter disclosures to
include reported mis-issuances during the audit period.
Sincerely yours,
Ben
-Original Message-
From: dev-security-policy On
Behalf Of Ryan Sleevi via dev-security-policy
Sent: Monday,
Norbert,
I've tried to verify this with and without spaces in the msg.asc below. I
get "Signature Verification Failure". Please contact me off-list to provide
me clearer information related to your proof of private key possession.
Thanks,
Ben Wilson
-Original Message-
From: de
Below I have forwarded Kathleen Wilson's message from the Mozilla Dev Security
Policy list.
It is with great sadness that we have learned the news of Gerv Markham's
passing.
I uploaded a few photos of Gerv from a few of our social events to the wiki -
https://cabforum.org/wiki/Gerv
As
If you are interested in following the work of the Server Certificate Working
Group, you can subscribe here:
https://cabforum.org/mailman/listinfo/servercert-wg
If you subscribe, and after a while you notice that you are not receiving
emails sent to
If you have not subscribed to the Server Certificate WG Mailing List, please
go here:
https://cabforum.org/mailman/listinfo/servercert-wg
Posting privileges will be granted to members, associate members, and
interested parties who have signed the IPR Agreement and formally declared
their
Hi All,
As Kirk mentioned during the teleconference call yesterday, we are in the
process of spinning up the Server Certificate Working Group and will hold our
first meeting on July 12. Kirk and I will be sending out a more formal
announcement of that meeting and solicitation for
All,
Does anyone know what the proper syntax is for the undocumented -header host
switch? I'm getting some different responses/behaviors when I try these:
-header "Host" "ocsp.example.com"
-header 'Host' 'ocsp.example.com'
-header Host ocsp.example.com
Thanks,
Ben
,
Ben Wilson
From: Public <public-boun...@cabforum.org> On Behalf Of Mehner, Carl via Public
Sent: Wednesday, April 18, 2018 4:10 PM
To: Virginia Fournier <vfourn...@apple.com>; CA/Browser Forum Public Discussion
List <public@cabforum.org>
Subject: Re: [cabfpub] EXTERNAL: C
. What is the
security-critical driver behind this? Where is the risk-cost-benefit analysis?
From: Wayne Thayer [mailto:wtha...@mozilla.com]
Sent: Thursday, April 5, 2018 1:56 PM
To: Ben Wilson <ben.wil...@digicert.com>
Cc: Dimitris Zacharopoulos <ji...@it.auth.gr>; r...@sleevi.c
If I create a new sub CA on a weekly basis, will that mean that I have to
republish my CPS every week? That makes absolutely no sense.
-Original Message-
From: dev-security-policy
[mailto:dev-security-policy-bounces+ben=digicert@lists.mozilla.org] On
Behalf Of Dimitris
curity-pol...@lists.mozilla.org
Subject: Re: Mis-issuance of certificate with https in CN/SAN
On 16/03/2018 05:28, Ben Wilson wrote:
> This mis-issuance incident was reported by Cybertrust Japan (CTJ), an
> intermediate CA of DigiCert.
> (https://clicktime.symantec.com/a/1/qNaFf1d2FZ7nAtcI4QYFpyVzedh
if they contained the
incorrect string in the FQDN and to investigate if any additional problematic
certificates existed.
B. CTJ patched its system on Mar 14.
Ben Wilson, JD, CISA, CISSP
DigiCert VP Compliance
___
dev-security-policy mailing list
dev-security
I would highly recommend taking a walk through existing threads in the
mailing list and forums. This and other similar pipe additions have been
requested before. I'm glad you're interested in improving the language, but
the proposal itself doesn't reflect a familiarity with existing answers to
I've filed an incident report here:
https://bugzilla.mozilla.org/show_bug.cgi?id=1442091
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
Is nillable(String.t) less boilerplate than String.t | nil ?
On Wednesday, February 28, 2018 at 9:12:42 AM UTC-5, Yordis Prieto wrote:
>
> I am more interested on the solution of `nil | t` I dont mind changing the
> name to `nillable(t)` or whichever other word in English.
>
> The needs come
maybe(t) is traditionally `Some(t) | None`, which isn't really the same as
`nil | t`. The closest analogue would seem to me to be `{:ok, t} | :error`
although that doesn't quite communicate the same thing.
On Tuesday, February 27, 2018 at 7:11:39 AM UTC-5, Yordis Prieto wrote:
>
> Introducing
Can you elaborate on motivating code patterns? Every instance where I've
wanted to determine if a specific module is around has been a compile time
question for meta-programming purposes, and the `Code.ensure_loaded?`
function has worked great for that.
On Sunday, February 25, 2018 at 6:56:25
Can you elaborate on the safety provided by doing `%Struct{} = ` on a
function? There are no compile time checks that calls to that function are
actually of that struct type, just runtime checks on the data. Put another
way this isn't really a type check, but an assertion.
On Friday, February
I too would find this useful.
On Wednesday, February 14, 2018 at 2:19:04 PM UTC-5, pragdave wrote:
>
> ✓
>
> On Thursday, January 18, 2018 at 9:09:32 AM UTC-6, Ville Hellman wrote:
>>
>> Hey all,
>>
>> I'm proposing a new option for the `mix new` task: `--nocomments` when
>> run with this
ur comments to the branch/pull request-
https://github.com/cabforum/documents/pull/84.
Thanks,
CABF Policy Review Working Group
Ben Wilson, JD, CISA, CISSP
DigiCert VP Compliance
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public
Have you evaluated an Agent for your purposes? It has basically exactly
this function.
On Tuesday, January 30, 2018 at 9:17:08 AM UTC-5, Federico Bergero wrote:
>
> Hi all,
> I'm proposing a new GenServer callback `query` similar to the
> call but which does not change the process
This is achievable with `\` btw:
with \
%{x: x} <- y
do
x
end
On Tuesday, January 30, 2018 at 7:39:07 AM UTC-5, Po Chen wrote:
>
> Ah I thought `with` was part of the language, then I realized how small
> the language core is.
> Now I wish the language is actually a little bigger :S mixed
An important thing to note is that in Elixir it's generally the caller of a
function that determines whether they want sync or async behaviour, not
the callee. Generally speaking you simply write functions that take input
and return output. If a given caller of that function wants that to
What about the Mozilla CA communication that said that CAs had until 15
April 2018?
-Original Message-
From: dev-security-policy
[mailto:dev-security-policy-bounces+ben=digicert@lists.mozilla.org] On
Behalf Of Rob Stradling via dev-security-policy
Sent: Tuesday, January 16, 2018 2:29
or
replace "Browsers" with "Application Software Suppliers" (which doesn't sound
very well).
Dimitris.
On 11/1/2018 7:21 πμ, Ben Wilson via Public wrote:
As a preface to tomorrow's discussion of the proposed Bylaw revisions, here is
a synopsis of some of the propos
I’ve posted them now. <https://cabforum.org/2017/10/12/2017-10-12-minutes/>
https://cabforum.org/2017/10/12/2017-10-12-minutes/
Ben Wilson, JD, CISA, CISSP
VP Compliance
+1 801 701 9678
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of realsky(CHT) via
Publi
n=digicert@lists.mozilla.org] On
Behalf Of Ben Wilson via dev-security-policy
Sent: Monday, January 8, 2018 3:42 PM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: 5.3.1 Technically Constrained
Which "above paragraph" is being referenced in the following excerp
and which directly or transitively chain to a
certificate included in Mozilla's CA Certificate Program, MUST be operated in
accordance with this policy and MUST either be technically constrained or be
publicly disclosed and audited."
Thanks,
Ben Wilson
Ben Wilson, JD, CIS
The downside here is that you can no longer copy and paste the output.
On Monday, January 1, 2018 at 10:58:30 AM UTC-5, Wojtek Mach wrote:
>
> Hello,
>
> Having an Inspect implementation would make a shorter output in iex,
> exunit diffs etc and the string representation is inambiguous. Under
DigiCert votes “Yes” on Ballot 216
On Tue, Dec 12, 2017 at 1:51 PM, Gervase Markham via Public
> wrote:
[Updated endorsers, 2nd attempt. Timeline unchanged.]
Ballot 216: Update Discussion Period Process
Purpose of Ballot: The current voting
DigiCert votes "Yes" on Ballot 217
On 7 Dec 2017, at 16:52, Ryan Sleevi via Public > wrote:
Ballot 217: Sunset RFC 2527
Purpose of Ballot: The Baseline Requirements and Extended Validation
Guidelines require that CA's disclosures of
Let’s put this on the agenda for next CABF teleconference.
Ben Wilson, JD, CISA, CISSP
VP Compliance
+1 801 701 9678
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Geoff Keating
via Public
Sent: Monday, October 9, 2017 5:04 PM
To: Phillip <phill...@comodo.com&g
Could someone re-check Multicert and SCEE? (See below.) They have indicated to
us that they have now patched their OCSP responder systems.
DN: CN=Cartão de Cidadão 001, OU=ECEstado, O=SCEE - Sistema de Certificação
Electrónica do Estado, C=PT
Example cert: https://crt.sh/?id=12729446
OCSP
irst thing next week.
Ben Wilson, JD, CISA, CISSP
VP Compliance
smime.p7s
Description: S/MIME cryptographic signature
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
Minutes for CA/Browser Forum Teleconference – Oct. 12, 2017
Attendees: Arno Fiedler (D-TRUST), Atsushi Inaba (GlobalSign), Ben Wilson
(DigiCert), Christopher Kemmerer (SSL.com), Connie Enke (SwissSign), Curt Spann
(Apple), Devon O’Brien (Google), Doug Beattie (GlobalSign), Frank Corday
I’ll leave Jeremy’s comments as DigiCert’s most recent.
From: Eric Mill [mailto:e...@konklone.com]
Sent: Tuesday, October 24, 2017 2:34 PM
To: Ben Wilson <ben.wil...@digicert.com>
Cc: Doug Beattie <doug.beat...@globalsign.com>; Gervase Markham
<g...@mozilla.org>; mozill
rk.h...@entrustdatacard.com;
Vice Chair, Ben Wilson, ben.wil...@digicert.com; terms to run concurrently with
their terms as Chair and Vice Chair of the Forum, unless otherwise voted upon
by the Working Group
Members eligible to participate: The Working Group shall consist of two
classes of vo
DigiCert votes "yes" on Ballot 208
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson
via Public
Sent: Thursday, October 12, 2017 12:05 PM
To: CABFPub <public@cabforum.org>
Subject: [cabfpub] Ballot 208 - dnQualifiers
Ballot 208 - dnQualifiers
Th
: Moudrick M. Dadashov [mailto:m...@ssc.lt]
Sent: Wednesday, July 26, 2017 2:32 PM
To: Ben Wilson <ben.wil...@digicert.com>; CA/Browser Forum Public Discussion
List <public@cabforum.org>
Subject: Re: [cabfpub] Pre-Ballot 209 EV Liability
Thanks, Ben.
Assuming that any combinatio
Ryan,
One issue with the qualified audit, as was expressed during the face-to-face
meeting, although I haven’t been able to find it, is that Microsoft apparently
requires the WebTrust seal, which is based on an unqualified audit. If anyone
can point me to the requirement, I’d appreciate
Would all of the browsers need to adopt some type of statement to the effect
that "all CAs are expected to comply with the most recent version of the
Baseline Requirements and EV Guidelines? It seems you are just moving the
statement/requirement from one place to another?
-Original
601 - 700 of 1429 matches
Mail list logo