CA Community in Salesforce

2015-11-05 Thread Kathleen Wilson
All, As many of you know, we've been working to customize Salesforce to create a CA Community that enables CAs to directly provide the data for all of the publicly disclosed and audited subordinate CAs chaining up to root certificates in Mozilla's program, and to also directly provide data ab

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-05 Thread Ryan Sleevi
On Thu, November 5, 2015 12:51 pm, Charles Reiss wrote: > My impression is that Mozilla need not be explicitly notified of new > subCAs; the > disclosure may take the form of an update on the CA's website (perhaps > even just > a new version of the CPS). If so, this would seem to make it diffi

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-05 Thread Charles Reiss
On 11/04/15 00:24, Kathleen Wilson wrote: > Topic to discuss [1]: > “(D3) Make the timeline clear about when the audit statements and disclosure > has > to happen for new audited/disclosed subCAs. > > Section 10 of the Inclusion Policy says: > https://www.mozilla.org/en-US/about/governance/polici

Re: Policy Update: section 8 of Maintenance Policy

2015-11-05 Thread David E. Ross
On 11/5/2015 11:10 AM, Kathleen Wilson wrote: > On 11/5/15 10:58 AM, David E. Ross wrote: >> >> Rather than list acceptable key types and sizes, cite the Baseline >> Requirements along with listing exceptions, both types and sizes that >> are not supported but are in the BR and types and sizes that

Re: Automated the Included CA List

2015-11-05 Thread Kathleen Wilson
On 8/4/15 1:26 PM, Peter Bowen wrote: On Tue, Aug 4, 2015 at 1:17 PM, Kathleen Wilson wrote: The Included CAs list is now being automatically generated directly from Salesforce: https://mozillacaprogram.secure.force.com/CA/IncludedCACertificateReport Is there a way to download the Salesforce

Re: Update to phasing out SHA-1 Certs

2015-11-05 Thread Kathleen Wilson
On 11/5/15 11:34 AM, s...@gmx.ch wrote: It seems that we are going to untrust SHA-1 generally on July 1, 2016 [1]. Do we already have a bug number for this? https://bugzilla.mozilla.org/show_bug.cgi?id=942515 I think certificates with 'notAfter >= 2017-7-1' should get a triangle instead of

Re: Policy Update: section 8 of Maintenance Policy

2015-11-05 Thread sjw
I would like to see SHA-3 signatures and Ed25519/curve25519 ASAP. The latter one is not that far away [1]. Maybe it's the right time to consider them? [1] https://bugzilla.mozilla.org/show_bug.cgi?id=957105 On 05.11.2015 at 19:46, Kathleen Wilson wrote: > The next two topics to discuss [1] have

Re: Update to phasing out SHA-1 Certs

2015-11-05 Thread sjw
It seems that we are going to untrust SHA-1 generally on July 1, 2016 [1]. Do we already have a bug number for this? I can't find any. I think certificates with 'notAfter >= 2017-7-1' should get a triangle instead of the lock icon from now. [1] https://blog.mozilla.org/security/2015/10/20/continui

Re: Policy Update: section 8 of Maintenance Policy

2015-11-05 Thread Kathleen Wilson
On 11/5/15 10:58 AM, David E. Ross wrote: Rather than list acceptable key types and sizes, cite the Baseline Requirements along with listing exceptions, both types and sizes that are not supported but are in the BR and types and sizes that are supported but are not in the BR. I would not be sur

Re: Policy Update Proposal -- Refer to BRs for Name Constraints Requirement

2015-11-05 Thread Kathleen Wilson
On 10/28/15 10:25 AM, Kathleen Wilson wrote: Therefore, this proposal is modified to simplify item #9 of the Inclusion Policy, https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/ as follows: ~~ We encourage CAs to technically constrain all subordinate

Re: Policy Update: section 8 of Maintenance Policy

2015-11-05 Thread David E. Ross
On 11/5/2015 10:46 AM, Kathleen Wilson wrote: > The next two topics to discuss [1] have to do with section 8 of > Mozilla’s CA Certificate Maintenance Policy. > > The proposals are: > - (D15) Deprecate SHA-1 Hash Algorithms in certs. > and > - (D4) In item #8 of the Maintenance Policy recommend t

Re: Firefox security too strict (HSTS?)?

2015-11-05 Thread Andy
It might for you, but maybe something between your system and hers is different, so it works for you but not for her. As my sig line says, I am a computer tech; I build, sell, service and consult. Sometimes you can have 2 identical systems side by side and one will work fine and the other has proble

Policy Update: section 8 of Maintenance Policy

2015-11-05 Thread Kathleen Wilson
The next two topics to discuss [1] have to do with section 8 of Mozilla’s CA Certificate Maintenance Policy. The proposals are: - (D15) Deprecate SHA-1 Hash Algorithms in certs. and - (D4) In item #8 of the Maintenance Policy recommend that CAs avoid SHA-512 and P-521, especially in their CA ce

Re: Policy Update Proposal: Timeline for Disclosing SubCAs

2015-11-05 Thread Kathleen Wilson
On 11/3/15 7:09 PM, Ryan Sleevi wrote: On Tue, November 3, 2015 4:24 pm, Kathleen Wilson wrote: Topic to discuss [1]: (D3) Make the timeline clear about when the audit statements and disclosure has to happen for new audited/disclosed subCAs. What further clarification needs to be adde