Re: Remediation Plan for WoSign and StartCom

2016-10-17 Thread Percy
> I’m not sure what I could reasonably require (and enforce) of the CA in
> regards to communicating with their customers.
> I recall that my security blog about CNNIC got censored in China, so I'm not
> sure what Mozilla can do about informing the CA's customers of this pending
> change/imp

Re: StartCom & Qihoo Incidents

2016-10-17 Thread Jakob Bohm
On 18/10/2016 01:22, Kurt Roeckx wrote: On Tue, Oct 18, 2016 at 12:39:42AM +0200, Kurt Roeckx wrote: On Tue, Oct 18, 2016 at 12:22:21AM +0200, Jakob Bohm wrote: Over the past few years, this has caused the Mozilla root list to become less and less useful for the rest of the open source world,

Re: Remediation Plan for WoSign and StartCom

2016-10-17 Thread Kathleen Wilson
All, Here’s a summary of your input, and my thoughts. ~~ What about NSS? We discussed this in the NSS team call last week, and the general decision was that the rules we put in place regarding these Affected Roots for Mozilla will also be put in place inside NSS. That doesn’t help all consumer

Re: StartCom & Qihoo Incidents

2016-10-17 Thread Kurt Roeckx
On Tue, Oct 18, 2016 at 12:39:42AM +0200, Kurt Roeckx wrote:
> On Tue, Oct 18, 2016 at 12:22:21AM +0200, Jakob Bohm wrote:
> >
> > Over the past few years, this has caused the Mozilla root list to
> > become less and less useful for the rest of the open source world, a
> > fact which at least some

Re: Globalsign accidental intermediate revocation incident

2016-10-17 Thread Jakob Bohm
On 16/10/2016 09:59, Adrian R. wrote: Hello i read in the news (but not here on m.d.s.p) that a few days ago Globalsign revoked one of their intermediary roots and then un-revoked it (well, the revocation is accidental, but it was still a properly announced revocation, via signed CRL and OCSP

Re: StartCom & Qihoo Incidents

2016-10-17 Thread Jakob Bohm
On 18/10/2016 00:39, Kurt Roeckx wrote: On Tue, Oct 18, 2016 at 12:22:21AM +0200, Jakob Bohm wrote: Over the past few years, this has caused the Mozilla root list to become less and less useful for the rest of the open source world, a fact which at least some of the Mozilla-root-list-copying op

Re: StartCom & Qihoo Incidents

2016-10-17 Thread Kurt Roeckx
On Tue, Oct 18, 2016 at 12:22:21AM +0200, Jakob Bohm wrote:
>
> Over the past few years, this has caused the Mozilla root list to
> become less and less useful for the rest of the open source world, a
> fact which at least some of the Mozilla-root-list-copying open source
> projects seem not to be

Re: StartCom & Qihoo Incidents

2016-10-17 Thread Jakob Bohm
On 16/10/2016 20:55, Ryan Sleevi wrote: On Saturday, October 15, 2016 at 3:18:22 PM UTC-7, Eric Mill wrote: On Sat, Oct 15, 2016 at 4:31 AM, Peter Gutmann wrote: The only one who's openly addressed this seems to be Mozilla. It would certainly be nice if Mozilla weren't the only openly ope

Re: Globalsign accidental intermediate revocation incident

2016-10-17 Thread Gervase Markham
On 16/10/16 08:59, Adrian R. wrote:
> is this revival/un-revocation of an intermediary CA allowed by the
> BRs?
I agree that the wording is a little loose but I think the intended purpose of the clause in question was as Peter interprets it - don't remove things from OCSP or CRLs before their expi

Re: StartCom & Qihoo Incidents

2016-10-17 Thread Gervase Markham
On 15/10/16 00:32, Peter Gutmann wrote:
> I would have expected some sort of coordinating action to provide a unified
> response to the issue and corresponding unified, consistent behaviour among
> the browsers, rather than the current lottery as to what a particular browser
> (other than Apple and