Chronicles of the CCADB: From Conception to Retirement Reflections

lping to keep the web safe. The new CCADB officers are: Chairperson: Chris Clements Treasurer: Ben Wilson It has been a pleasure to work with you all, and I wish you all the best! Kathleen Wilson -- You received this message because you are subscribed to the Google Groups "CCADB Public&

Retirement Announcement & Thank You!

odules. I am confident that he will continue to do a great job. In my retirement years, which begin on February 29, I look forward to having fewer responsibilities and traveling more. Best Regards, Kathleen Wilson -- You received this message because you are subscribed to the Google

Mozilla intends to Transfer CCADB Ownership to Linux Foundation

The Common CA Database (CCADB) is a highly customized Instance of Salesforce Cloud (Salesforce MSA ), which has been owned and maintained by Mozilla since 2014. A Salesforce

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of February 2024 Outdated Audit Statements for Intermediate Certs Date: Tue, 20 Feb 2024 13:00:24 + (GMT) CA Owner: Government of The Netherlands, PKIoverheid (Logius) - Certificate Name: DigiCert QuoVadis PKIoverheid Organisatie

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of February 2024 Audit Reminder Emails Date: Tue, 20 Feb 2024 13:00:29 + (GMT) Mozilla: Audit Reminder CA Owner: iTrusChina Co., Ltd. Root Certificates: vTrus Root CA vTrus ECC Root CA Standard Audit:

CCADB Update: PEM Import Tool

All, The PEM Import Tool has been updated and re-run on all root and intermediate certificate records in the CCADB. This tool takes a PEM-encoded certificate and outputs JSON containing data from the parsed certificate. The

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of January 2024 Outdated Audit Statements for Intermediate Certs Date: Tue, 16 Jan 2024 13:00:09 + (GMT) CA Owner: Government of The Netherlands, PKIoverheid (Logius) - Certificate Name: DigiCert QuoVadis PKIoverheid Organisatie

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of January 2024 Audit Reminder Emails Date: Tue, 16 Jan 2024 13:00:28 + (GMT) Mozilla: Audit Reminder CA Owner: Buypass Root Certificates: Buypass Class 3 Root CA Buypass Class 2 Root CA Standard Audit:

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of December 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 19 Dec 2023 13:00:24 + (GMT) CA Owner: Government of The Netherlands, PKIoverheid (Logius) - Certificate Name: DigiCert QuoVadis PKIoverheid Organisatie

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of December 2023 Audit Reminder Emails Date: Tue, 19 Dec 2023 13:00:35 + (GMT) Mozilla: Audit Reminder CA Owner: Buypass Root Certificates: Buypass Class 3 Root CA Buypass Class 2 Root CA Standard Audit:

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of November 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 21 Nov 2023 13:00:30 + (GMT) CA Owner: Government of The Netherlands, PKIoverheid (Logius) - Certificate Name: DigiCert QuoVadis PKIoverheid Organisatie

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of November 2023 Audit Reminder Emails Date: Tue, 21 Nov 2023 13:00:30 + (GMT) Mozilla: Audit Reminder CA Owner: Internet Security Research Group Root Certificates: ISRG Root X2** ISRG Root X1** ** Audit Case in the Common CA

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of October 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 17 Oct 2023 12:00:17 + (GMT) CA Owner: Government of The Netherlands, PKIoverheid (Logius) - Certificate Name: DigiCert QuoVadis PKIoverheid Organisatie

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of October 2023 Audit Reminder Emails Date: Tue, 17 Oct 2023 12:00:33 + (GMT) Mozilla: Overdue Audit Statements CA Owner: SSL.com Root Certificates: SSL.com TLS ECC Root CA 2022** SSL.com EV Root Certification Authority RSA R2**

Re: Ownership change for Mozilla CA Certificate Policy module

The module ownership has been updated. https://wiki.mozilla.org/Modules/All#Governance_Sub_Modules Best Regards, Kathleen On Thursday, September 14, 2023 at 9:15:19 AM UTC-7 Kathleen Wilson wrote: All, I posted the following in Mozilla’s governance group <https://groups.google.

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of September 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 19 Sep 2023 12:00:30 + (GMT) CA Owner: Government of The Netherlands, PKIoverheid (Logius) - Certificate Name: DigiCert QuoVadis PKIoverheid Organisatie

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of September 2023 Audit Reminder Emails Date: Tue, 19 Sep 2023 12:00:34 + (GMT) Mozilla: Audit Reminder CA Owner: Certainly LLC Root Certificates: Certainly Root R1** Certainly Root E1** ** Audit Case in the Common CA Database is

Ownership change for Mozilla CA Certificate Policy module

certificates, and for updating trust bit settings or enabling EV treatment for already included root certificates. Owner: Ben Wilson – no change Peer(s): Kathleen Wilson – no change 2) Mozilla CA Certificate Policy <https://wiki.mozilla.org/Modules/All#Mozilla_CA_Certificate_Policy> Des

CCADB Update: PEM import tool

All, The tool used by the CCADB to fill in information on root and intermediate certificate records based on the certificate PEM has been updated. We have created a new version of the tool in the CCADB-Tools Github repo that is

Re: CCADB License Usage Guidelines

All, The Usage Guidelines page has been added to the CCADB (ccadb.org -> For CAs -> Usage Guidelines). And the "Welcome" and "Password-reset" email templates for the CCADB have been updated to provide a link to the usage guidelines page. We (CCADB

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of August 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 15 Aug 2023 12:00:38 + (GMT) None -- -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of August 2023 Audit Reminder Emails Date: Tue, 15 Aug 2023 12:00:25 + (GMT) Mozilla: Audit Reminder CA Owner: eMudhra Technologies Limited Root Certificates: emSign Root CA - G1 emSign ECC Root CA - G3 emSign Root CA - C1

Re: CCADB License Usage Guidelines

Dear CAs, Thank you all for being conscientious with your CCADB daily-unique-logins since I made the request on July 14. Thanks to your efforts, we came within our current annual allotment. Also, thank you to all of you who have responded to provide your input either here in this discussion

Re: CCADB License Usage Guidelines

Here's a summary of the many emails that CA representatives have sent me regarding the topic of what information they need from the CCADB. - Weekly (or customizable-frequency) emails containing information about - Task list reports - Status of

CCADB License Usage Guidelines

All, I will appreciate feedback on the following draft for a web page to be added to https://www.ccadb.org/cas/. Thanks, Kathleen Link on "For CAs" page: "Usage Guidelines" Web page URL: www.ccadb.org/cas/usage-guidelines This page is intended for CA Owners who have requested and

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of July 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 18 Jul 2023 12:00:36 + (GMT) None -- -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of July 2023 Audit Reminder Emails Date: Tue, 18 Jul 2023 12:00:52 + (GMT) Mozilla: Audit Reminder CA Owner: eMudhra Technologies Limited Root Certificates: emSign Root CA - G1 emSign ECC Root CA - G3 emSign Root CA - C1 emSign

Re: Exceeding CCADB CA Logins for Current Term

Thank you to all of you who have so promptly responded to this request to reduce your CCADB logins until August 5. If you do need to make updates to the CCADB before August 5, we ask that you consolidate your CA's logins to one account one day per week. I appreciate the email that I have

Exceeding CCADB CA Logins for Current Term

All, We have sent the following notice to each CA Primary Point of Contact (POC) who has been regularly and frequently logging into the CCADB. We would like to have a discussion here about the information that CA primary POCs currently obtain by logging into the CCADB when they don’t need to

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of June 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 20 Jun 2023 12:00:33 + (GMT) None -- -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of June 2023 Audit Reminder Emails Date: Tue, 20 Jun 2023 12:00:26 + (GMT) Mozilla: Audit Reminder CA Owner: Autoridad de Certificación (ANF AC) Root Certificates: ANF Secure Server Root CA** ** Audit Case in the Common CA Database is

Re: Security concerns with the e-Tugra certificate authority

Regarding Mozilla's root program, we will start a discussion about this in MDSP soon. Thanks, Kathleen -- You received this message because you are subscribed to the Google Groups "CCADB Public" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: Broken CRL URLs in CCADB

The AllCertificatePEMsCSVFormat report has been update to accept one parameter: either NotBeforeYear or NotBeforeDecade The Resources tab of the ccadb.org site has been updated with the new description of this report: https://www.ccadb.org/resources#all-certificate-pems > would sharding by

Re: Broken CRL URLs in CCADB

Would it be possible to split it into multiple reports (e.g. 16 different reports based on the first hex digit of the fingerprint)? How about if we shard the reports based on certificate notBefore? For example:

Re: Broken CRL URLs in CCADB

On Tuesday, May 16, 2023 at 10:43:34 AM UTC-7 corey@digicert.com wrote: However, one of the new reports, such as the PEM texts of all certificates in CCADB, must first be accessed via a browser and JavaScript be executed to download the report. This download process hinders automation for

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of May 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 16 May 2023 12:00:18 + (GMT) None -- -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of May 2023 Audit Reminder Emails Date: Tue, 16 May 2023 12:00:19 + (GMT) Mozilla: Audit Reminder CA Owner: Autoridad de Certificación (ANF AC) Root Certificates: ANF Secure Server Root CA Standard Audit:

Re: Broken CRL URLs in CCADB

www.ccadb.org/resources is updated with the links as previously stated: - All Certificate Information (root and intermediate) in CCADB (CSV) - All Certificate PEMs (root and intermediate) in CCADB

Re: Broken CRL URLs in CCADB

>> We've updated the report >> https://ccadb.my.salesforce-sites.com/ccadb/AllCertificatePEMsCSVFormat >> to add two more columns (Valid From, Valid To). > Did you mean... > https://ccadb-public.secure.force.com/ccadb/AllCertificateRecordsCSVFormat > ? Yes. >> We've also created another

Re: Broken CRL URLs in CCADB

We've updated the report https://ccadb.my.salesforce-sites.com/ccadb/AllCertificatePEMsCSVFormat to add two more columns (Valid From, Valid To). We've also created another report: https://ccadb.my.salesforce-sites.com/ccadb/AllCertificatePEMsCSVFormat It has two columns: SHA-256 Fingerprint,

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of April 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 18 Apr 2023 12:00:30 + (GMT) CA Owner: Amazon Trust Services - Certificate Name: Amazon SHA-256 Fingerprint:

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of April 2023 Audit Reminder Emails Date: Tue, 18 Apr 2023 12:00:31 + (GMT) Mozilla: Overdue Audit Statements CA Owner: iTrusChina Co., Ltd. Root Certificates: vTrus Root CA** vTrus ECC Root CA** ** Audit Case in the Common CA

Re: Empty JSON Array of Partitioned CRLs

To close this discussion... The value [""] may be entered into the "JSON Array of Partitioned CRLs" field to indicate that the certificate is not yet issuing (and that the CA will provide a JSON array of partitioned CRLs when it does start issuing). The API Instructions

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of March 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 21 Mar 2023 12:00:33 + (GMT) None -- -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of March 2023 Audit Reminder Emails Date: Tue, 21 Mar 2023 12:00:30 + (GMT) Mozilla: Audit Reminder CA Owner: iTrusChina Co., Ltd. Root Certificates: vTrus Root CA** vTrus ECC Root CA** ** Audit Case in the Common CA Database is

Re: Public Discussion re: Beijing CA (BJCA)

Thank you, Mark, for providing a great write-up to explain the situation more clearly! And thank you to all of you who have patiently continued to participate in this discussion thread. I will proceed with approving BJCA's root inclusion request now. Thanks, Kathleen -- You received this

Re: Empty JSON Array of Partitioned CRLs

Our Salesforce Admin has confirmed that passing [""] into JSONArrayofPartitionedCRLs will work -- it will result in [""] being stored in the "JSON Array of Partitioned CRLs" field. I checked in the CCADB, and some CAs have already been manually entering [""] into the "JSON Array of Partitioned

Re: Public Discussion re: Beijing CA (BJCA)

All, Thanks again for your responses in this discussion. After investigation and double-checking again with those of you who have previously raised concern about this request, I have not obtained reasonable suspicion that One Pass

Re: CA issuance policies (was Re: DRAFT: Root Inclusion Considerations)

I have updated the 4th bullet point in https://wiki.mozilla.org/CA/Root_Inclusion_Considerations#Concerning_Behavior to say: *The CA's representative is unable to demonstrate that the CA has implemented anti-corruption mechanisms (e.g. ISO 37001 certification

Re: Empty JSON Array of Partitioned CRLs

Currently the "JSON Array of Partitioned CRLs" field can be set to '[]' to indicate that the CA is aware that this value needs to be provided as soon as the intermediate certificate starts to issue certificates. We did this because leaving the "JSON Array of Partitioned CRLs" field empty

Re: Public Discussion re: Beijing CA (BJCA)

All, As per Mozilla's root inclusion process I need to make a decision about approving or denying this root inclusion request from the Beijing CA. In my opinion, the Beijing CA has successfully completed our root inclusion process and demonstrated compliance with all of our rules and policies.

Re: DRAFT: Root Inclusion Considerations

I continue to receive feedback/concerns about the auditor bullet point in the "Concerning Behavior " section, so I am attempting to resolve those concerns with the following version of that bullet point: - The

Re: Public Discussion of SERPRO's CA Inclusion Request

> > As for not giving time to address concerns raised in the inclusion > process, I do think some accommodation is needed but when it comes to > basics like this it seems very appropriate to say start over. > > Ryan Hurst > > On Wed, Mar 1, 2023 at 10:00 AM Kathleen Wil

Re: Public Discussion of SERPRO's CA Inclusion Request

I agree with Watson, so I think we should deny this root inclusion request. The CA may re-apply when they truly have everything in order. Also, for future discussions, perhaps we should not allow CAs root inclusion discussions to be put on hold while the CA fixes things. Thanks, Kathleen --

Re: Security concerns with the e-Tugra certificate authority

On Sunday, February 26, 2023 at 1:22:39 AM UTC-8 ryan@gmail.com wrote: This thread and associated bug have been silent for an uncharacteristically long time, and I am curious as to when this issue will be closed. [Kathleen] I added https://bugzilla.mozilla.org/show_bug.cgi?id=1801345#c19

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of February 2023 Outdated Audit Statements for Intermediate Certs Date: Tue, 21 Feb 2023 13:00:20 + (GMT) CA Owner: Government of The Netherlands, PKIoverheid (Logius) - Certificate Name: Ministerie van Defensie PKIoverheid Organisatie

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of February 2023 Audit Reminder Emails Date: Tue, 21 Feb 2023 13:00:21 + (GMT) Mozilla: Audit Reminder CA Owner: iTrusChina Co., Ltd. Root Certificates: vTrus Root CA vTrus ECC Root CA Standard Audit:

Re: CCADB Update: Changing URLs (breaking change)

The following email has been sent via the CCADB to all CA points-of-contacts who currently have CCADB logins. -- Dear Certification Authority Operator, The CCADB has been updated to Salesforce Enhanced Domains, as described here: https://help.salesforce.com/s/articleView?id=000393816=1 This

Re: CCADB Update: Changing URLs (breaking change)

https://*ccadb.force.com*/CustomLogin to https://*ccadb.my.site.com*/CustomLogin Thanks, Kathleen On Friday, February 17, 2023 at 1:45:07 PM UTC-8 r...@sectigo.com wrote: > Does your office have Microsoft Office365 with Safe Links protection enabled? Yes, sadly. Thanks for the tip! *From:* Kathle

Re: CCADB Update: Changing URLs (breaking change)

Hi Rob, Does your office have Microsoft Office365 with Safe Links protection enabled? https://help.salesforce.com/s/articleView?id=000354234=1 The only resolution available for this issue is to whitelist Salesforce domain within Safe links policy. Previously in ccadb.org -> For CAs -> New

Re: CCADB Update: Changing URLs (breaking change)

-- On Friday, February 17, 2023 at 12:13:40 PM UTC-8 r...@sectigo.com wrote: Hi Kathleen. > New: https://ccadb-public.my.salesforce-sites.com/ccadb/Report I don't see this domain in DNS yet, and neither does https://dnschecker.org/#A/ccadb-public.my.salesforce-sites.com. Is there a problem?

Re: CCADB Update: Changing URLs (breaking change)

do the same over the next week on ccadb.org and root store websites and wiki pages. Thank you for your patience. Kathleen, on behalf of the CCADB Steering Committee On Friday, February 17, 2023 at 6:58:34 AM UTC-8 Kathleen Wilson wrote: > All, > > This work has begun. Please avoid l

Re: CCADB Update: Changing URLs (breaking change)

All, This work has begun. Please avoid logging into the CCADB or using CCADB public reports until I post another message saying that we have finished the migration. Thanks, Kathleen, on behalf of the CCADB Steering Committee On Monday, February 13, 2023 at 2:46:31 PM UTC-8 Kathleen Wilson

Re: DRAFT: Root Inclusion Considerations

I have made the following changes to https://wiki.mozilla.org/CA/Root_Inclusion_Considerations#Concerning_Behavior 1) Clarified the intent of this section in the first paragraph: The following situations are concerning *in aggregate*; meaning that a concern would be raised when a collection

CCADB Update: Changing URLs (breaking change)

All, Salesforce is moving towards Enhanced Domains as explained here: https://help.salesforce.com/s/articleView?id=000393816=1 “Enhanced domains apply an org’s company-specific My Domain name to all URLs that Salesforce hosts for your org. This feature also changes domain suffixes (the part

Re: DRAFT: Root Inclusion Considerations

On Friday, February 10, 2023 at 12:29:54 PM UTC-8 ku...@seifried.org wrote: FYI at least one person is being blocked from posting to the list properly for reasons unknown. On Fri, Feb 10, 2023 at 11:04 AM Steve Keller wrote: Unfortunately it won't let me post. I don't see why it would be

Re: DRAFT: Root Inclusion Considerations

Would it be reasonable to add the following as a Concerning Behavior? - The CA does not publish annual accounts or financial statements that have been independently audited or examined. This has been suggested to me via email, but I am not versed in this area. Thanks, Kathleen -- You

Re: DRAFT: Root Inclusion Considerations

I appreciate your patience and continued feedback as we work together to get this all correct and usable. https://wiki.mozilla.org/CA/Root_Inclusion_Considerations I have incorporated recent feedback as follows. - Changed “network surveillance…” to: network surveillance

Re: DRAFT: Root Inclusion Considerations

Thank you all for your feedback so far. I am sure it will take a couple iterations to get this all correct and usable, so I will continue to appreciate your feedback on this draft page. https://wiki.mozilla.org/CA/Root_Inclusion_Considerations I have incorporated your feedback as follows. -

DRAFT: Root Inclusion Considerations

All, I will greatly appreciate your feedback on the following new wiki page. https://wiki.mozilla.org/CA/Root_Inclusion_Considerations As you all know, sometimes we have very difficult decisions to make in regards to new inclusion or continued inclusion of root certificates in Mozilla's root

Re: GTS intermediates disappeared from MozillaIntermediateCertsCSVReport

I have updated the GTS cert hierarchy info in the CCADB. Please let me know if you notice anything else that needs to be updated therein. Thanks, Kathleen On Thursday, January 26, 2023 at 2:28:13 PM UTC-8 aao...@google.com wrote: > Thank you Kathleen! > > On Thursday, January 26, 2023 at

Re: GTS intermediates disappeared from MozillaIntermediateCertsCSVReport

Thank for bringing this to my attention. I marked the old GTS roots as removed (which they were), but the intermediate certs are probably in the CCADB as under the old roots, so I will need to re-parent them. (CCADB doesn't handle this situation well -- only allows one parent.) Thanks,

Re: spammers on MDSP

Will the new emailer get any sort of notification directing them who to email if they do want legitimate access and are not here to spam the list? No, but when they request access they can enter a reason, stating which company they represent or why they need access. -- You received this

Preventing Spammers on CCADB Public

All, I have changed the group settings to require that a CCADB Steering Committee member approve new email addresses before they are added as members of this group. Unless a potentially new member sends us email separately, we'll assume that email addresses like m07117...@gmail.com are spam.

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of January 2023 Audit Reminder Emails Date: Tue, 17 Jan 2023 13:00:23 + (GMT) Mozilla: Audit Reminder CA Owner: Buypass Root Certificates: Buypass Class 3 Root CA Buypass Class 2 Root CA Standard Audit:

Re: Critical dead(ish) link on https://www.ccadb.org/resources and question about data

On Wednesday, December 14, 2022 at 11:51:57 AM UTC-8 ku...@seifried.org wrote: > Again no idea where to report this other than here: > > on > > https://www.ccadb.org/resources > > the link to PEM of Root Certificates in Mozilla’s Root Store with the > Websites (TLS/SSL) Trust Bit Enabled

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of December 2022 Outdated Audit Statements for Intermediate Certs Date: Tue, 20 Dec 2022 13:00:29 + (GMT) None -- -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group.

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of December 2022 Audit Reminder Emails Date: Tue, 20 Dec 2022 13:00:46 + (GMT) Mozilla: Audit Reminder CA Owner: Buypass Root Certificates: Buypass Class 3 Root CA Buypass Class 2 Root CA Standard Audit:

Re: concerns about Trustcor

All, I appreciate the thoughtful and constructive input that has been provided in this discussion. Based on the findings that were shared in this discussion thread and the responses from

Re: concerns about Trustcor

All, The discussion thus far is appreciated and has been both informative and constructive. My post on November 8 indicated that if our concerns have not been resolved by today (November 22) and

Re: Audit Reminder Email Summary - Intermediate Certificates

All, The CCADB is now sending one email per month to CAs who need to provide updated audit statements for their root or intermediate certificates. The new email logic and template was announced here .

Re: Audit Reminder Email Summary - Root Certificates

All, The CCADB is now sending one email per month to CAs who need to provide updated audit statements for their root or intermediate certificates. The new email logic and template was announced here .

Re: Creating 'CA Program' Bugzilla Product

, November 3, 2022 at 2:54:34 PM UTC-7 Kathleen Wilson wrote: > All, > > I have requested the following changes in Bugzilla Bug #1799010 > <https://bugzilla.mozilla.org/show_bug.cgi?id=1799010>. > > * Create a new Bugzilla Product called “CA Program”. > * Move component

Re: CCADB Update: Changing Audit Reminder Email Templates and Logic

These changes are in CCADB production, and the first audit reminders based on the new template/logic will be sent tomorrow. Kathleen On Tuesday, November 8, 2022 at 2:07:41 PM UTC-8 Kathleen Wilson wrote: > All, > > The following audit reminder email templates are going to be

Re: Announcing CCADB Public Group

All Primary POCs currently listed in the CCADB have been subscribed to the CCADB Public Group, and should have received the welcome message. Others can join the group by emailing public+subscr...@ccadb.org. Here's the web URL for the group: https://groups.google.com/a/ccadb.org/g/public

CCADB Update: Changing Audit Reminder Email Templates and Logic

All, The following audit reminder email templates are going to be replaced by one email template that will be sent monthly for all participating root stores. The new email template and logic will be based on the CA Task List reports that are available on the CCADB homepage. This means that

Re: Creating 'CA Program' Bugzilla Product

On Tuesday, November 8, 2022 at 4:08:32 AM UTC-8 r...@sectigo.com wrote: > Hi Kathleen. Are you planning to move all of the existing bugs relating > to the Mozilla CA program from the "NSS" product to the identically named > components in the "CA Program" product? > Yes.

Re: concerns about Trustcor

Thank you, Joel and Serge, for bringing this to the attention of Mozilla and the wider community. We understand from your post that: - Measurement Systems distributed an SDK containing spyware to Android users (also reported

Re: Creating 'CA Program' Bugzilla Product

On Monday, November 7, 2022 at 1:13:54 PM UTC-8 aa...@letsencrypt.org wrote: > One question: I'm "subscribed" to the "NSS :: CA Certificate Compliance" > component, and get emails for all new issues and updates in that component. > Will that subscription automatically get moved over, or will I

Announcing CCADB Public Group

The CCADB Steering Committee believes that public discussion improves security and interoperability through transparency. Collectively, members of this MDSP

Creating 'CA Program' Bugzilla Product

All, I have requested the following changes in Bugzilla Bug #1799010 . * Create a new Bugzilla Product called “CA Program”. * Move component “NSS :: Common CA Database” to “CA Program :: Common CA Database” * Move component “NSS :: CA

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of October 2022 Audit Reminder Emails Date: Tue, 18 Oct 2022 19:00:19 + (GMT) Mozilla: Audit Reminder CA Owner: DigitalSign - Certificadora Digital, S.A Root Certificates: DIGITALSIGN GLOBAL ROOT RSA CA DIGITALSIGN GLOBAL ROOT ECDSA

Re: Add another field to AllCertificateRecordsCSVFormat

> I believe at least part of the problem Andrew mentions is because of > Salesforce or some intermediary processing within CCADB tooling. > > I had pinged Andrew offline and he mentioned what he was seeing from our > JSON was no "" around the URL, we have confirmed what we publish does have >

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of October 2022 Outdated Audit Statements for Intermediate Certs Date: Tue, 4 Oct 2022 14:01:30 + (GMT) CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum) - Certificate Name: SSL.com Root Certification Authority RSA SHA-256

Providing Full CRLs for root certificates in CCADB

All, To provide the "Full CRL Issued By This CA" for root certificate records, you will need to do the following in the CCADB. 1) Create an Add/Update Root Request https://www.ccadb.org/cas/updates 2) Go to the "ROOT INFORMATION" tab Instructions for ROOT INFORMATION tab

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of September 2022 Audit Reminder Emails Date: Tue, 20 Sep 2022 19:00:20 + (GMT) Mozilla: Audit Reminder CA Owner: Certainly LLC Root Certificates: Certainly Root R1 Certainly Root E1 Standard Audit:

Re: CCADB Update: "Add/Update Root Request” Case type

All, We have completed the update, CCADB is no longer read-only, and the message on the CCADB home page will be updated very soon. I will be sending the following email to CAs: -- Dear Certification Authority Operator, The CCADB has been updated to introduce a new case type called “Add/Update

CCADB Update: "Add/Update Root Request” Case type

All, The CCADB is being updated to introduce a new Case type called “Add/Update Root Request”, which will replace the existing “CA Audit Update Request” and “CA Information Update Request (Non-Audit)” Case types. Please do not modify data in the CCADB during this update. There will be an

Re: Audit Reminder Email Summary - Intermediate Certificates

Forwarded Message Subject: Summary of September 2022 Outdated Audit Statements for Intermediate Certs Date: Tue, 6 Sep 2022 14:00:17 + (GMT) None -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To

Re: Audit Reminder Email Summary - Root Certificates

Forwarded Message Subject: Summary of August 2022 Audit Reminder Emails Date: Tue, 16 Aug 2022 19:00:26 + (GMT) Mozilla: Audit Reminder CA Owner: eMudhra Technologies Limited Root Certificates: emSign Root CA - G1 emSign ECC Root CA - G3 emSign Root CA - C1

  1   2   3   4   5   6   7   8   9   10   >