Richard, On behalf of most Chinese Internet users who do not speak English, I'm asking why WoSign is only making the final statement available in Chinese, but not the incident report. WoSign doesn't even have any statement, announcement or press release in Chinese regarding any of the incidents (except this final statement) anywhere.
As WoSign is the largest CA in China, it must be responsible to Chinese users. I'm requesting WoSign to make the incident report available in Chinese and available on the WoSign's Chinese site. I believe an announcement on the official Chinese site with the link to the incident report is also warranted. On Thursday, September 22, 2016, Richard Wang <rich...@wosign.com> wrote: > Hi Gerv, > > This is the final statement about the incident: > https://www.wosign.com/report/WoSign_final_statement_09232016.pdf (in > English) > > https://www.wosign.com/report/WoSign_final_statement_CN_09232016.pdf > (中文版) (In Chinese, this is easy for Chinese users.) > > I think this is the supplement of the two released reports. > > Please let me if you have any questions about this statement, thanks. > > > Best Regards, > > Richard Wang > CEO > WoSign CA Limited > > > -----Original Message----- > From: dev-security-policy [mailto:dev-security-policy-bounces+richard > <javascript:;>=wosign....@lists.mozilla.org <javascript:;>] On Behalf Of > Richard Wang > Sent: Friday, September 16, 2016 6:05 PM > To: Gervase Markham <g...@mozilla.org <javascript:;>> > Cc: mozilla-dev-security-pol...@lists.mozilla.org <javascript:;> > Subject: RE: Incidents involving the CA WoSign > > Hi Gerv, > > This is the final report: https://www.wosign.com/report/ > WoSign_Incident_Final_Report_09162016.pdf > > Please let me if you have any questions about the report, thanks. > > > Best Regards, > > Richard Wang > CEO > WoSign CA Limited > > > -----Original Message----- > From: Gervase Markham > Sent: Wednesday, September 7, 2016 7:00 PM > To: Richard Wang; mozilla-dev-security-pol...@lists.mozilla.org > <javascript:;> > Subject: Re: Incidents involving the CA WoSign > > Hi Richard, > > On 07/09/16 11:06, Richard Wang wrote: > > This discuss has been lasting two weeks, I think it is time to end it, > > it doesn’t worth to waste everybody’s precious time. > > Unfortunately, I think we may be only beginning. > > I have prepared a list of the issues we are tracking with WoSign's > certificate issuance process and business: > > https://wiki.mozilla.org/CA:WoSign_Issues > > Please can you provide a response to issues F, P, S and T at your earliest > convenience? > > In addition, if you have further things to say about issues D, H, J, L, N > or V we would be happy to hear them. > > Thank you for your suggestions, but once Mozilla has a full understanding > of what has gone on we will be in a better position to decide what next > actions are appropriate. > > With best wishes, > > Gerv > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org <javascript:;> > https://lists.mozilla.org/listinfo/dev-security-policy > -- _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
