Re: Symantec: Next Steps

Fri, 24 Mar 2017 13:04:10 -0700 

On 24/03/2017 19:08, Ryan Sleevi wrote:

On Fri, Mar 24, 2017 at 1:30 PM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:


Examples discussed in the past year in this group include the Taiwan
GRCA roots and several of the SubCAs hosted by Verizon prior to the
DigiCert transition.



Apologies for not remembering, but I don't recall the relationship of
either of those discussions to what you described. However, it's very easy
I'm wrong.


> Could you link to the threads (ideally, the messages) you believe that
> captures this description, so that I can better understand?
>

For Taiwan GRCA (Government Root CA) apparently operated by Chungwa
Telecom, this seems most obvious from:
Message-ID: <mailman.83.1480762782.19729.dev-security-pol...@lists.mozilla.org> 
Date: Sat, 3 Dec 2016 00:34:12 -0800 (PST)
From: lcchen.ci...@gmail.com
Subject: Re: Taiwan GRCA Root Renewal Request

For the Verizon rooted tree of multiple CAs, some hosted by Verizon,
some not, look at the long report that is:
Message-ID: <mailman.489.1478201113.16819.dev-security-pol...@lists.mozilla.org> 
Date: Thu, 3 Nov 2016 18:28:10 +0000
From: Jeremy Rowley <jeremy.row...@digicert.com>
Subject: Update on transition of the Verizon roots and issuance of SHA1
        certificates



Peter is correct, we discussed something slightly different, so apologies
for misunderstanding what you were proposing versus what we discussed. It
sounds like what you're describing is what we discussed (white-label),
except the person signing the management assertion is also acting as a
Delegated Third Party for validation. However, because they're the ones
signing the assertion, they're the ones in scope for the audit presented to
root stores - correct?




Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to