Please note that the Mozilla requirement is: " 5. Provide auditor[3] attestation that a full security audit of the CA’s issuing infrastructure has been successfully completed. " " [3] The auditor must be an external company, and approved by Mozilla. "
That WoSign did it very well -- PASS the full security audit. And Richard Wang leading the RD team have done a good job for the new system development and passed the security audit. Best Regards, Richard -----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+richard=wosign....@lists.mozilla.org] On Behalf Of Percy via dev-security-policy Sent: Monday, July 10, 2017 12:41 PM To: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: WoSign new system passed Cure 53 system security audit So it seems that Richard Wang still has the final executive decisions regarding security in daily operations. Basically WoSign simply changed the title of the position from CEO to COO and bypassed Mozilla's requirement? On Sunday, July 9, 2017 at 7:26:28 PM UTC-7, Richard Wang wrote: > The important thing is by the board of directors, the Company Legal > Representative is changed to Mr. Shi Xiaohong, VP of 360. > > > The daily operation thing is by COO. > > Best Regards, > > > Richard > > > > From: Eric Mill [mailto:e...@konklone.com] > Sent: Monday, July 10, 2017 10:12 AM > To: Richard Wang <rich...@wosign.com> > Cc: Itzhak Daniel <itk98...@gmail.com>; > mozilla-dev-security-pol...@lists.mozilla.org > Subject: Re: WoSign new system passed Cure 53 system security audit > > > > So who acts as the CEO for WoSign when final executive decisions need to be > made? > > > > > > On Sun, Jul 9, 2017 at 9:41 PM, Richard Wang via dev-security-policy > <dev-security-policy@lists.mozilla.org<mailto:dev-security-policy@lists.mozilla.org>> > wrote: > > Mr Wang is the COO now according to Mr. Tan's public announcement on March > CAB Forum meeting. > > CEO is still N/A, if anyone is interesting in the CEO position, please > send your Resume to Mr. Tan. > > > Best Regards, > > Richard > > > -----Original Message----- > From: dev-security-policy > [mailto:dev-security-policy-bounces+richard<mailto:dev-security-policy-bounces%2Brichard>=wosign....@lists.mozilla.org<mailto:wosign....@lists.mozilla.org>] > On Behalf Of Itzhak Daniel via dev-security-policy > Sent: Monday, July 10, 2017 4:57 AM > To: > mozilla-dev-security-pol...@lists.mozilla.org<mailto:mozilla-dev-security-pol...@lists.mozilla.org> > Subject: Re: WoSign new system passed Cure 53 system security audit > > Mr. Wang is mentioned on the end of the document, what is Richard Wang > current official responsibility of Mr. Wang at WoSign? > > According to the incident report, release on October 2016 [1], Mr. Wang > was suppose to be relieved of his duties as CEO, this is mentioned in 3 > separate paragraphs (P.17,P.25,P.26). > > Links: > 1. https://www.wosign.com/report/WoSign_Incident_Report_Update_07102016.pdf > > _______________________________________________ > dev-security-policy mailing list > > dev-security-policy@lists.mozilla.org<mailto:dev-security-policy@lists.mozilla.org> > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ > dev-security-policy mailing list > > dev-security-policy@lists.mozilla.org<mailto:dev-security-policy@lists.mozilla.org> > https://lists.mozilla.org/listinfo/dev-security-policy > > > > > > > > -- > > konklone.com<https://konklone.com> | > @konklone<https://twitter.com/konklone> _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
