> Gerv: Which EV OID are you referring to, precisely? I was referring to the GlobalSign EV Certificate Policy OID (1.3.6.1.4.1.4146.1.1) but more concretely I meant any and all EV related OIDs, including the CAB Forum OID of 2.23.140.1.1.
> Gerv: Just to be clear: GlobalSign continues to operate at least one subCA > under a root which Google has purchased, and that root is EV-enabled, > and the sub-CA continues to do EV issuance (and is audited as such) but > the root is no longer EV audited, and nor is the rest of the hierarchy? Yes, that is correct. > Gerv: Can you tell us what the planned start/end dates for the audit period > of > that annual audit are/will be? Our audit period is October 1st to the end of September. The associated report will be released between October and November, depending on our auditors schedules. > Gerv: Are the Google roots and/or the GlobalSign-acquired roots currently > issuing EE certificates? Were they issuing certificates between 11th August 2016 and 8th December 2016? No they were not issuing certificates between 11th August 2016 and 8th December 2016. We generated our first certificate, a subordinate CA, last week, that CA is not yet in use. Ryan Hurst Product Manager _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
