On Wed, Feb 28, 2018 at 12:58 AM, apca2.2013--- via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> "I would like to again point out that simply waiting for misissued > certificates to expire is not an acceptable response." > > This is a misunderstanding. > We are preparing to revoke certificates immediately, rather than waiting > for certificates issued prior to 2017 to expire. > However, even if we revoke those certificates, if your judgment is not > affected and our request is rejected, there is no point in doing it. > So, to be clear, you would only revoke misissued certificates if required to do so by Mozilla -- not because they represent control failures, or in order to demonstrate to other root programs your CA's responsiveness and the seriousness with which you take control failures. > Please let us know if our request will be accepted by revoking all the > certificates we issued prior to 2017. > Thank you > APCA > > > 2018年2月28日水曜日 7時51分23秒 UTC+9 Wayne Thayer: > > To conclude this discussion, Mozilla is denying the Japanese Government > > ApplicationCA2 Root inclusion request. I'd like to thank everyone for > your > > constructive input into the discussion, and I'd like to thank the > Japanese > > Government representatives for their patience and work to address issues > as > > they have been discovered. I will be resolving the bug as "WONTFIX". > > > > The Japanese Government PKI may submit a newly generated root and > key-pair > > for inclusion, and this submission can be made using the existing bug ( > > https://bugzilla.mozilla.org/show_bug.cgi?id=870185). > > > > On Thu, Feb 22, 2018 at 11:57 PM, apca2.2013--- via dev-security-policy < > > dev-security-policy@lists.mozilla.org> wrote: > > > > > We are a certificate authority controlled by the Government of Japan > and > > > issued only for servers operated by the government. > > > > > > For certificates that you point out concerning, they will expire and > will > > > be reissued, so we think that the problem will be solved. > > > > > > I would like to again point out that simply waiting for misissued > > certificates to expire is not an acceptable response. > > > > > > > We will continue to take BR audits in the future so we will operate as > a > > > secure certification authority and we appreciate your continued > support. > > > > > > - Wayne > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > -- konklone.com | @konklone <https://twitter.com/konklone> _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
