G’day Devon et al, It would appear that Chrome has implemented distrust of the UAE NPKI intermediates immediately - can you please explain the rationalization for this decision?
These intermediates have been operating without issue for a few years now, what was the rationale for immediate distrust without giving DigitalTrust the opportunity to contact customers about the need to update site certificates? This is extremely distruptive and has left all public trust customers inoperable unless their customers swap to a browser other than Chrome. Can you please outline the justification behind this? Regards, -Scott Sent from my iPhone Scott Rea | Senior Vice President - Trust Services Tel: +971 2 417 1417 | Mob: +971 52 847 5093 scott....@darkmatter.ae The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information. > On Jul 24, 2019, at 10:42 AM, Scott Rea via dev-security-policy > <dev-security-policy@lists.mozilla.org> wrote: > > Caution: This email originated from outside DarkMatter. Do not click links or > open attachments unless you recognize the sender and believe the content is > safe. > > ------------------------------------------------------------------------------ > > G’day Devon et al, > > Can you please detail the reason behind Google withdrawing trust for the UAE > NPKI intermediates? > Can you also please provide the timeline for the in-band delivery of the > restriction by Google? As you can imagine this will have catastrophic impact > for existing customers and we would like to provide them a reasonable plan to > manage the transition. > > As you are aware, DarkMatter and DigitalTrust have appealed the decision by > Mozilla on the basis of multiple elements which have also be published to the > list. Has the appeal or any of the points at the heart of that appeal been > taken into account in this decision by Google? > > Regards, > -Scott > > On 7/23/19, 11:02 PM, "dev-security-policy on behalf of Devon O'Brien via > dev-security-policy" <dev-security-policy-boun...@lists.mozilla.org on behalf > of dev-security-policy@lists.mozilla.org> wrote: > > (Writing on behalf of Google Chrome and Android) > > On behalf of Google Chrome and Android, we would like to thank the > participants that have contributed to the discussion on the broader M.D.S.P > thread on this topic. We will be taking similar steps to those proposed by > Wayne and approved by Kathleen, in that we will be removing trust in the > DarkMatter-operated intermediates across Google Chrome and Android and we > will not be including DarkMatter’s proposed new root certificates. We > anticipate these changes will be delivered via our existing in-band delivery > mechanisms to clients and require no user action. > > > Scott Rea | Senior Vice President - Trust Services > Tel: +971 2 417 1417 | Mob: +971 52 847 5093 > scott....@darkmatter.ae > > The information transmitted, including attachments, is intended only for the > person(s) or entity to which it is addressed and may contain confidential > and/or privileged material. Any review, retransmission, dissemination or > other use of, or taking of any action in reliance upon this information by > persons or entities other than the intended recipient is prohibited. If you > received this in error, please contact the sender and destroy any copies of > this information. > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > > > > > > > > > > > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
