Hi all,
I am currently aligned with Wendy’s and Judith’s concerns expressed on the
recent call about sunsetting the Legacy profile, but I look forward to
discussing this further in Bergamo. The Legacy profile provides greater
flexibility, and migrating to only the Multipurpose and Strict profiles
Mozilla votes "yes" on Ballot SMC-006v2.
On Fri, Apr 5, 2024, 7:58 AM Kateryna Aleksieieva via Smcwg-public <
smcwg-public@cabforum.org> wrote:
> Certum votes "Yes" to Ballot SMC06v2
>
> Kind regards,
>
> *Kateryna Aleksieieva*
> --
> *Od:* Smcwg-public w imieniu
>
Mozilla votes "yes" on Ballot SMC-005.
On Wed, Jan 10, 2024 at 4:32 PM Corey Bonnell via Smcwg-public <
smcwg-public@cabforum.org> wrote:
> *Ballot SMC05: Adoption of CAA for S/MIME*
>
>
>
> *Purpose of Ballot:*
>
>
>
> The ballot proposes changes to the S/MIME Baseline Requirements to
>
It would be great if we could coordinate with a SCWG ballot that requires
that CAA be put in section 3.2.2.8. However, as I said on the recent call,
there might be a CA or two that has already populated section 3.2.2.8 of
their CP/CPS with something else.
On Thu, Dec 7, 2023 at 8:59 AM Stephen
Mozilla votes "Yes" on Ballot SMC 004 (Addition of ETSI TS 119 411-6).
On Wed, Nov 1, 2023 at 11:07 AM Stephen Davidson via Smcwg-public <
smcwg-public@cabforum.org> wrote:
> Hello:
>
>
>
> The voting period for Ballot SMC04 has started. Votes must be cast on the
> SMCWG public list and in
Software Engineer with Cryptography SME
>
> www.globalsign.co.uk|www.globalsign.eu
>
>
>
>
>
> *From: *Smcwg-public
> on behalf of Adriano Santoni via
> Smcwg-public
> *Date: *Monday, 2 October 2023 at 07:57
> *To: *smcwg-public@cabforum.org
>
>
idated data
>> store to ensure that the only paths for data to become part of a signed
>> certificate are through static configurations (e.g. signatureAlgorithm) or
>> known-validated data.
>>
>> There’s plenty of nuance we can discuss as well, but generally spea
y of nuance we can discuss as well, but generally speaking I
> believe it’s bad practice to rely on fields in the CSR.
>
> Cheers,
> -Clint
>
> On Sep 29, 2023, at 8:27 AM, Ben Wilson via Smcwg-public <
> smcwg-public@cabforum.org> wrote:
>
> All,
> I'm interested i
All,
I'm interested in gathering information from Certificate Issuers about the
kind of information that they would like to collect/extract from the CSRs
they receive from S/MIME certificate applicants. This information could be
used to refine a system to generate CSRs that result in certificates
s of Section
> 3.2.2.1, *or has been authorized by the domain registrant to act on the
> registrant’s behalf in line with the verification practices of Section
> 3.2.2.3."
>
>
>
> Best, Stephen
>
>
>
>
>
> *From:* Smcwg-public *On Behalf Of *Ben
> Wilson
Does anyone recall offhand why section 7.1.5 doesn't also refer to section
3.2.2.1?
Section 7.1.5 says, "The CA SHALL confirm that the Applicant has registered
the FQDN contained in the rfc822Name or has authorized by the domain
registrant to act on the registrant’s behalf in line with the
I have posted this on our Mozilla CA wiki page for additional guidance
during this S/MIME BRs transition -
https://wiki.mozilla.org/CA/Transition_SMIME_BRs#Audit_Migration_Plan.
Ben
On Tue, Jun 20, 2023 at 6:21 PM Stephen Davidson via Smcwg-public <
smcwg-public@cabforum.org> wrote:
> FYI, for
All,
For TLS Certificates, I think it was discovered that they would still work
if there was no EKU in them (or maybe that was just the chaining down from
Intermediate CA certificates). Anyway, I have commented in a discussion on
the Mozilla Dev-Security-Policy list
All,
I have created a wiki page (https://wiki.mozilla.org/CA/Transition_SMIME_BRs)
to address miscellaneous issues that might arise for CAs in their
transition toward compliance with the CA/Browser Forum’s Baseline
Requirements for S/MIME Certificates (S/MIME BRs). (The wiki page is for
items
14 matches
Mail list logo
