FWIW, that's a misquote; I didn't write that.
On Aug 12, 2014 4:38 AM, Peter Gutmann pgut...@cs.auckland.ac.nz wrote:
[Apologies if you've seen this before, it looks like up to a week's worth
of
mail from here has been lost, this is a resend of the backlog]
Chris Palmer pal...@google.com
On 2014-08-13 02:04, Ryan Sleevi wrote:
I just wanted to alert members of this list of a discussion that has been
started on Chromium's ct-policy@ mailing list regarding Chromium's
policies for requiring EV certificates be logged in Certificate
Transparency Logs.
Ben Laurie has started a
On 8/12/14, 10:58 PM, Steve Roylance wrote:
Hi Kathleen,
I see the underlying question that you (and Matt) wanted us to answer.
Apologies in not being complete in my response the first time around.
The reason we are specific in the CPS with regards to Organizational vetting
(for everything
On 8/12/14, 9:43 PM, fhw...@gmail.com wrote:
It is a separate discussion. I wanted only some sort of statement
from Mozilla about time frames and anticipated functionalities, if there are
any.
Here's my understanding...
There are folks at Mozilla who are closely following CT (RFC 6962).
We
All,
As the CFCA discussion showed, there are a few things still to figure
out regarding the audits of CA conformance to the BRs.
Here are my proposals.
1) BR Audits should always include the whole-population audit of
intermediate certificates.
The CA's roots and all of their intermediate
On 8/13/2014 11:16 AM, Kathleen Wilson wrote [in part]:
All,
As the CFCA discussion showed, there are a few things still to figure
out regarding the audits of CA conformance to the BRs.
Here are my proposals.
[snipped}
3) If the CA's auditor missed something regarding the BRs,
On Wed, Aug 13, 2014 at 11:16 AM, Kathleen Wilson kwil...@mozilla.com wrote:
2) BR point-in-time audits may not be sufficient.
https://wiki.mozilla.org/CA:CertificatePolicyV2.1#Time_Frames_for_included_CAs_to_comply_with_the_new_policy
Any Certificate Authority being considered for root
On Wed, August 13, 2014 12:41 pm, Peter Bowen wrote:
On Wed, Aug 13, 2014 at 11:16 AM, Kathleen Wilson kwil...@mozilla.com
wrote:
2) BR point-in-time audits may not be sufficient.
https://wiki.mozilla.org/CA:CertificatePolicyV2.1#Time_Frames_for_included_CAs_to_comply_with_the_new_policy
On 8/13/2014 12:34 PM, Ryan Sleevi wrote:
On Wed, August 13, 2014 12:02 pm, David E. Ross wrote:
On 8/13/2014 11:16 AM, Kathleen Wilson wrote [in part]:
All,
As the CFCA discussion showed, there are a few things still to figure
out regarding the audits of CA conformance to the BRs.
Here
Thanks for highlighting.
We'll update and come back to the Mozilla team when approved by our policy
authority members. I shall try to ensure we look at why we missed this
instruction too.
Steve
Sent from my iPhone
On 14 Aug 2014, at 00:57, Kathleen Wilson kwil...@mozilla.com wrote:
Chris Palmer pal...@google.com writes:
FWIW, that's a misquote; I didn't write that.
Ooops, sorry, it was posted by Patrick McManus pmcma...@mozilla.com (I used
a script to try and resurrect the lost emails for re-send, I suspect something
got mangled somewhere).
So the question should have
On Wed, August 13, 2014 6:14 pm, Peter Gutmann wrote:
Chris Palmer pal...@google.com writes:
FWIW, that's a misquote; I didn't write that.
Ooops, sorry, it was posted by Patrick McManus pmcma...@mozilla.com (I
used
a script to try and resurrect the lost emails for re-send, I suspect
12 matches
Mail list logo