Yes, sorry for this.
As I admitted that this discussion gives us a big lesson that we know when we
need to report incident to all browsers. We guarantee we will do it better.
Best Regards,
Richard
-Original Message-
From: dev-security-policy
On Thu, Aug 25, 2016 at 05:15:58PM -0700, Ryan Sleevi wrote:
> On Thursday, August 25, 2016 at 4:35:39 PM UTC-7, Matt Palmer wrote:
> > I'm after the specifics of the changes to WoSign's policies and procedures
> > regarding *notification*, not quality control. What were WoSign's previous
> >
On Thu, Aug 25, 2016 at 07:11:18AM +, Richard Wang wrote:
> We can post all 2015 issued SSL certificate to CT log server if necessary.
That doesn't provide any assurance, in the face of misleading notBefore
values in certificates. Without strong assurances that whatever failure of
systems or
On Thursday, August 11, 2016 at 4:36:02 PM UTC-7, Kathleen Wilson wrote:
> >> FNMT has applied to include the “AC RAIZ FNMT-RCM” root certificate
> >> and enable the Websites trust bit.
> >>
> >> Fábrica Nacional de Moneda y Timbre (FNMT) is a government agency
> >> that provides services to
On Thursday, August 25, 2016 at 10:11:21 AM UTC-7, rugk wrote:
> Hi,
> I stumbled across this service by StartCom:
> https://startssl.com/StartPKI (archive link: https://archive.is/GRkAK)
> I got a bit afraid when looking at their nice screenshots
> (https://archive.is/GRkAK#75%), because they
On Thursday, August 25, 2016 at 12:14:10 AM UTC-7, Richard Wang wrote:
> We can post all 2015 issued SSL certificate to CT log server if necessary.
Is there any reason not to do that proactively?
> For BR auditor, I think this issue is too technical that fewer auditor can
> find out this
Hi,
I stumbled across this service by StartCom:
https://startssl.com/StartPKI (archive link: https://archive.is/GRkAK)
I got a bit afraid when looking at their nice screenshots
(https://archive.is/GRkAK#75%), because they offer intermediate
certificates for companies allowing them to issue
Thanks for your friendly reminder.
We can post all 2015 issued SSL certificate to CT log server if necessary.
For BR auditor, I think this issue is too technical that fewer auditor can find
out this problem.
We will add the quality control system to PKI system before issuing the
certificate,
On Thu, Aug 25, 2016 at 04:03:04AM +, Richard Wang wrote:
> For transparency, WoSign announced full transparency for all SSL
> certificate from July 5th that post all issued SSL certificate to Google
> log server, browsers can distrust WoSign issued SSL certificate after that
> day if no SCT
9 matches
Mail list logo