I believe all of the non expired CAs listed are in scope.
> On Aug 2, 2017, at 7:44 PM, Peter Bowen <pzbo...@gmail.com> wrote: > > On Wed, Aug 2, 2017 at 2:12 PM, Jeremy Rowley via dev-security-policy > <dev-security-policy@lists.mozilla.org> wrote: >> Today, DigiCert and Symantec announced that DigiCert is acquiring the >> Symantec CA assets, including the infrastructure, personnel, roots, and >> platforms. At the same time, DigiCert signed a Sub CA agreement wherein we >> will validate and issue all Symantec certs as of Dec 1, 2017. We are >> committed to meeting the Mozilla and Google plans in transitioning away from >> the Symantec infrastructure. The deal is expected to close near the end of >> the year, after which we will be solely responsible for operation of the CA. >> From there, we will migrate customers and systems as necessary to >> consolidate platforms and operations while continuing to run all issuance >> and validation through DigiCert. We will post updates and plans to the >> community as things change and progress. >> >> Thanks a ton for any thoughts you offer. > > Jeremy, > > A while ago I put together a list of all the certificates that are or > were included in trust stores that were known to be owned by Symantec > or companies that Symantec acquired. The list is in Google Sheets at > https://docs.google.com/spreadsheets/d/1piCTtgMz1Uf3SHXoNEFYZKAjKGPJdRDGFuGehdzcvo8/edit?usp=sharing > > Can you confirm that DigiCert will be "solely responsible for > operation" of all of these CAs once the deal closes? > > Thanks, > Peter _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy