Hi Wayne All problems have already been resolved from our side and we wait for the PIT audit planned for the next week. We will be able to provide the PIT before October 31th.
Best regards Ramiro Muñoz Muñoz AC Camerfirma SA. CTO, Exploitation Manager, CISA. +34 619 746 291 · rami...@camerfirma.com. https://www.linkedin.com/in/ramirom. ________________________________________ Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede contener información CONFIDENCIAL, siendo para uso exclusivo del destinatario, quedando prohibida su divulgación copia o distribución a terceros. Si Vd. ha recibido este mensaje erróneamente, se ruega lo notifique al remitente y proceda a su borrado. De conformidad con lo establecido en el Reglamento UE 2016/679 de 27 de abril de 2016 General de Protección de Datos, se le informa que la empresa AC CAMERFIRMA, S.A. tratará la información que nos facilita con el exclusivo fin de cumplir con las obligaciones derivadas de la relación comercial o contractual adquirida con usted y que sus datos no podrán ser objeto de otro tratamiento ni de cesión a terceros salvo en los casos en que exista una obligación legal. Usted tiene derecho a obtener confirmación acerca del tratamiento de sus datos personales, y a ejercer sus derechos de acceso, rectificación, supresión, limitación y portabilidad en el tratamiento, dirigiéndose a AC CAMERFIRMA, S.A., mediante comunicación escrita remitida a la dirección C/ Ribera del Loira 12 (28042) Madrid, o a la dirección electrónica jurid...@camerfirma.com o a través de la web de incidencias disponible en la página web http://webcrm.camerfirma.com/incidencias/incidencias.php [EN] This message, and if applicable, any file attached to it, may contain CONFIDENTIAL information for the exclusive use of the recipient, being prohibited its disclosure copy or distribution to third parties. If you have received this message incorrectly, please notify the sender and proceed with its deletion. In accordance with the provisions of the EU Regulation 2016/679 of April 27, 2016 General Data Protection, you are informed that the company AC CAMERFIRMA, S.A. will treat the information you provide us with the sole purpose of complying with the obligations derived from the commercial or contractual relationship acquired with you and that your data will not be subject to another treatment or assignment to third parties except in cases where there is an legal obligation. You have the right to obtain confirmation about your personal data treatement, and to exercise your rights of access, rectification, deletion, limitation and portability, contacting AC CAMERFIRMA, SA, by written communication sent to the address C / Ribera del Loira 12 (28042) Madrid, or to the legal address jurid...@camerfirma.com or through the website http://webcrm.camerfirma.com/incidencias/incidencias.php -----Mensaje original----- De: dev-security-policy [mailto:dev-security-policy-boun...@lists.mozilla.org] En nombre de Wayne Thayer via dev-security-policy Enviado el: jueves, 27 de septiembre de 2018 0:38 Para: Ramiro Muñoz Muñoz <ramirommu...@gmail.com> CC: mozilla-dev-security-policy <mozilla-dev-security-pol...@lists.mozilla.org> Asunto: Re: AC Camerfirma's CP & CPS disclosure Hello Ramiro, On Tue, Sep 4, 2018 at 3:13 PM Wayne Thayer <wtha...@mozilla.com> wrote: > Thank you for this response Ramiro. I have copied this to the bug [1] > and have described Mozilla's expectations for point-in-time audits > that confirm that these issues have been resolved. > > [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1478933 > > On Tue, Sep 4, 2018 at 5:47 AM ramirommunoz--- via dev-security-policy > < dev-security-policy@lists.mozilla.org> wrote: > >> >> 7- List of steps your CA is taking to resolve the situation and >> ensure such issuance will not be repeated in the future, accompanied >> with a timeline of when your CA expects to accomplish these things. >> >> AC Camerfirma has made changes in the CP/CPS to fix the >> inconsistences found by the auditor and will disseminate the >> documents and the new procedures to avoid news problems in a future. >> AC Camerfirma is working on correcting the imbalances detected and >> the effective processes to ensure that the information offered by the >> OCSP and the CRL is the same. >> 2018-07-14 -> Qualified Audit Report >> 2018-09-17 -> CPS & CP's new versions will be disclosed New >> procedures and CPS/CP versions will be distributed among all affected >> people in other to avoid new differences between CP/CPS New >> procedures for self-assessment include full revision of OV >> certificates. >> Best control over changes in the BR version and modifications in AC >> Camerfirma CP/CPS. >> 2018-09-17 -> Finish a full review of the OCSP DDBB and >> synchronization with the PKI DDBB. >> 2018-09-24 -> fixed all inconsistences found. We've reviewed the >> complete databases and checked the correct OCSP/PKI/CRL alignment, >> correcting the problems found. >> 2018-10-01 -> Technical control to avoid inconsistences. We've >> improving the execution of the triggers and develop the controls that >> confirm their correct operation. >> 018-10-01 -> timely reports (weekly to monthly basic) to assure >> technical controls are working and no new inconsistences are produced. >> >> Will you please provide an update on the remediation steps described above, and timing for the point-in-time audit that will confirm that these problems have been fixed? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy