Replacement link: https://bugzilla.mozilla.org/attachment.cgi?id=8867892
Sorry, I had the PDF cached. > -----Original Message----- > From: dev-security-policy [mailto:dev-security-policy- > bounces+steve_medin=symantec....@lists.mozilla.org] On Behalf Of > urijah--- via dev-security-policy > Sent: Monday, May 15, 2017 3:41 PM > To: mozilla-dev-security-pol...@lists.mozilla.org > Subject: Re: [EXT] Re: Draft further questions for Symantec > > The link in footnote [1] > https://www.idmanagement.gov/IDM/servlet/fileField?entityId=ka0t0000 > 000Gmi3AAC&field=File__Body__s > > gives me a 404 error. > > > On Monday, May 15, 2017 at 11:09:41 AM UTC-4, Steve Medin wrote: > > Gerv, > > > > Our response to the recent questions is posted at: > > https://bugzilla.mozilla.org/attachment.cgi?id=8867735 > > > > Kind regards, > > Steve > > > > > -----Original Message----- > > > From: dev-security-policy [mailto:dev-security-policy- > > > bounces+steve_medin=symantec....@lists.mozilla.org] On Behalf Of > > > Gervase Markham via dev-security-policy > > > Sent: Wednesday, May 10, 2017 7:06 AM > > > To: mozilla-dev-security-pol...@lists.mozilla.org > > > Subject: [EXT] Re: Draft further questions for Symantec > > > > > > On 08/05/17 13:24, Gervase Markham wrote: > > > > 8) Please explain how the Management Assertions for your December > > > > 2014 > > > <snip> > > > > > > Strike this question; it's based on a misunderstanding of how audits > > > are done. > > > > > > Let's add: > > > > > > 10) Do you agree that, during the period of time that Symantec > > > cross-signed the Federal PKI (Issue L), it was technically possible > > > for issuers inside the FPKI to issue EV certs by inserting Symantec's EV > OID? > > > > > > 11) If, in the Symantec Issues list or any other document relating > > > to this matter we may publish in future, we have drawn a conclusion > > > or inference about Symantec's PKI, actions or behaviour which is > > > incorrect, we expect you to draw that to our attention, even if the > > > truth is not as favourable to Symantec. Are there any incorrect > > > inferences or conclusions in the Issues List which need to be corrected? > > > > > > Gerv > > > _______________________________________________ > > > dev-security-policy mailing list > > > dev-security-policy@lists.mozilla.org > > > https://lists.mozilla.org/listinfo/dev-security-policy > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
