I can't think of a case either. What I'm advocating would be an expansion of Mozilla's role in the security space--something that may or may not be appropriate for me to do, with pros and cons either way.
All,
Many people have contacted me because they heard that Mozilla is
considering removing the Email trust bit, and they ask that we keep the
Email trust bit because they use the root certs in Mozilla's root store
(NSS) with the Email trust bit enabled in current and future
In September of this year, the CA Symantec revealed[0] that they had
mis-issued a number of certificates for domains that they did not own or
control, for testing purposes. After an “exhaustive review”, they issued
a Final Report[1] which documented 23 such certificates.
Yesterday, Symantec
Great job description, Kathleen, and thanks for working toward keeping
this technical capability available.
I have some questions about the financial aspects of this, or if there
is a better place to discuss this issue please redirect me.
Obviously have a "resource" implies that there is
On 13/10/15 19:39, R Kent James wrote:
> Obviously have a "resource" implies that there is funding needed to
> support this. My understanding is that in many cases, there is a cost to
> certificate providers to have their certificates included in a root
> store, that is applied to the expense of
On 10/13/2015 8:04 AM, Kathleen Wilson wrote:
> All,
>
> Many people have contacted me because they heard that Mozilla is
> considering removing the Email trust bit, and they ask that we keep the
> Email trust bit because they use the root certs in Mozilla's root store
> (NSS) with the Email
Symantec's gone and updated [2] and [4] and both of those links are
404ing now. Updated links:
[2]
https://www-secure.symantec.com/connect/sites/default/files/Test_Certificates_Incident_Final_Report_10_13_2015v3.pdf
[4]
7 matches
Mail list logo
