Hi Jose,

There was no attachment to your email. Would you mind re-sending with an
attachment?

On Fri, Aug 18, 2017 at 8:17 AM, Jose Manuel Torres via dev-security-policy
<dev-security-policy@lists.mozilla.org> wrote:

> Hello everyone,
>
> In response to the questions raised:
>
> AC FNMT Usuarios do not issue TLS / SSL certificates, as evidenced by the
> attached document: Audit Attestation - ETSI Assestment 2017, FNMT CA's and
> TSU's.
>
> Regarding anyExtendedKeyUsage EKU, since January 2017 it is no longer
> incorporated into the certificates issued by AC FNMT Usuarios so it should
> not be possible
> to use it for TLS server authentication.
>
> In this sense the certificate indicated in this incident was issued prior
> to the change indicated.
>
> Taking these considerations into account, FNMT considers that a revocation
> of the intermediate CA by OneCRL is not necessary.
> _______________________________________________
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>



-- 
konklone.com | @konklone <https://twitter.com/konklone>
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to