Thanks, Kurt, for sharing!
m...@chemalogo.com
+34 666 429 224 (Spain)
gplus.to/chemalogo
@chemalogo https://twitter.com/chemalogo/
www.linkedin.com/in/chemalogo
Skype: chemalogo
On Tue, May 20, 2014 at 7:03 PM, Kurt Roeckx k...@roeckx.be wrote:
I've been working on checking that certificates
On 5/22/14, 9:38 AM, Kurt Roeckx wrote:
On Thu, May 22, 2014 at 08:50:02AM -0700, Kathleen Wilson wrote:
But really, since the websites and code signing trust bits are not enabled,
the hierarchy is already essentially constrained -- NSS would give an
exception for path validation of an SSL or
On 5/21/14, 5:02 PM, Kathleen Wilson wrote:
On 5/21/14, 2:54 PM, Ryan Sleevi wrote:
On Wed, May 21, 2014 12:12 pm, Kathleen Wilson wrote:
On 5/20/14, 9:53 AM, Rick Andrews wrote:
Ryan, they're not, but the root is not trusted for SSL (via meta-data).
AFAIK, Firefox won't trust any SSL cert
Hi Kathleen,
The policy group responsible for control of our certificates and keys have a
question for you concerning the disclosure requirements.
We have a number of CAs in 'CRL/OCSP only' mode where certificate issuance
has been programmatically suspended. In many cases the
On Thu, May 22, 2014 at 10:48:56AM -0700, Ryan Sleevi wrote:
On Thu, May 22, 2014 10:44 am, Kathleen Wilson wrote:
On 5/22/14, 9:38 AM, Kurt Roeckx wrote:
As far as
I know there is also no standard format to indicate those trust
bits together with the certificate. This currently
On Tue, May 20, 2014 at 11:23:54AM -0700, Kathleen Wilson wrote:
Maybe we should re-visit the idea of a wall of shame, and publicly list
the CAs who are still issuing certificates with the following problems.
* No Subject alternative name extension
* Fails decoding the character set
*
On Thursday, May 22, 2014 11:22:17 AM UTC-7, Kathleen Wilson wrote:
On 5/21/14, 5:02 PM, Kathleen Wilson wrote:
On 5/21/14, 2:54 PM, Ryan Sleevi wrote:
On Wed, May 21, 2014 12:12 pm, Kathleen Wilson wrote:
On 5/20/14, 9:53 AM, Rick Andrews wrote:
Ryan, they're not, but the root
7 matches
Mail list logo