On Fri, Oct 07, 2016 at 03:21:48AM +, Peter Gutmann wrote:
> Kurt Roeckx writes:
>
> >This is why browsers have something like OneCRL, so that they actually do
> >know about it and why Rob added that information to the bug tracker (
> >https://bugzilla.mozilla.org/show_bug.cgi?id=906611#c2).
Kurt Roeckx writes:
>This is why browsers have something like OneCRL, so that they actually do
>know about it and why Rob added that information to the bug tracker (
>https://bugzilla.mozilla.org/show_bug.cgi?id=906611#c2).
That still doesn't necessarily answer the question, Google have their CR
On Thu, Oct 6, 2016 at 7:33 AM, Peter Bowen wrote:
> On Thu, Oct 6, 2016 at 7:29 AM, Rob Stradling
> wrote:
>> On 04/10/16 19:39, Peter Bowen wrote:
>>> On Tue, Oct 4, 2016 at 6:29 AM, Rob Stradling
>>> wrote:
On 04/10/16 13:18, Nick Lamb wrote:
> On Tuesday, 4 October 2016 11:14:01 U
On Thu, Oct 6, 2016 at 3:57 PM, Richard Barnes wrote:
> I seem to recall we had some discussion a while back about what criteria
> should be applied to email CAs. Where did we end up on that?
I don't believe anything was settled. There is one small item in the CA policy:
"for a certificate to
On Thu, Oct 6, 2016 at 12:09 PM, Kathleen Wilson
wrote:
> This request from Symantec is to include the following 4 root certificates
> and enable the Email trust bit for them.
>
To be clear: The request is for *only* the email trust bit to be set?
I seem to recall we had some discussion a while
Thanks Kathleen.
I have no substantive objections to this inclusion (with only the Email trust
bit to be set) at this time but I do have a minor editorial nitpick which might
as well go back to Symantec while we're here.
On page 1 of the Introduction of the CP document, a footnote refers to "th
On Tuesday, October 4, 2016 at 9:25:16 AM UTC-7, Gervase Markham wrote:
> On 29/09/16 16:40, Gervase Markham wrote:
> > Following the publication of the recent investigative report,
> > representatives of Qihoo 360 and StartCom have requested a face-to-face
> > meeting with Mozilla. We have accepte
This request from Symantec is to include the following 4 root certificates and
enable the Email trust bit for them.
1) Symantec Class 1 Public Primary Certification Authority - G6
2) Symantec Class 2 Public Primary Certification Authority - G6
3) Symantec Class 1 Public Primary Certification Autho
On 10/6/2016 10:49 AM, Peter Bowen wrote:
> I think the community has discussed cross-signing both in this
> discussion and in the broader discussion of the trust graph.
>
> https://wiki.mozilla.org/CA:WoSign_Issues#Cross_Signing lists all the
> known cross-signs of WoSign.
>
> https://wiki.mozill
On Thu, Oct 6, 2016 at 7:29 AM, Rob Stradling wrote:
> On 04/10/16 19:39, Peter Bowen wrote:
>> On Tue, Oct 4, 2016 at 6:29 AM, Rob Stradling
>> wrote:
>>> On 04/10/16 13:18, Nick Lamb wrote:
On Tuesday, 4 October 2016 11:14:01 UTC+1, Rob Stradling wrote:
> Neither. I'd like to run ca
On 04/10/16 19:39, Peter Bowen wrote:
> On Tue, Oct 4, 2016 at 6:29 AM, Rob Stradling
> wrote:
>> On 04/10/16 13:18, Nick Lamb wrote:
>>> On Tuesday, 4 October 2016 11:14:01 UTC+1, Rob Stradling wrote:
Neither. I'd like to run cablint over all certs pre-issuance, but
unfortunately it'
On 06/10/2016 15:58, Gervase Markham wrote:
On 06/10/16 12:38, Jakob Bohm wrote:
Which is why I have repeatedly suggested that maybe the rules should be
changed to promote/demote some of the historic SHA-1 root certs into
"SHA-1 forever" roots that can service older devices and browsers, even
fo
On 06/10/16 12:38, Jakob Bohm wrote:
> Which is why I have repeatedly suggested that maybe the rules should be
> changed to promote/demote some of the historic SHA-1 root certs into
> "SHA-1 forever" roots that can service older devices and browsers, even
> for regular websites concerned about allo
On 06/10/2016 07:46, Peter Bowen wrote:
On Wed, Oct 5, 2016 at 10:02 PM, Michael Ströder wrote:
Dean Coclin wrote:
First Data's customers don't use browsers so Firefox can disable SHA-1 tomorrow
and not affect them.
So why to have your CA certificate trusted in Firefox's cert DB?
First Dat
14 matches
Mail list logo
