Peter Bowen writes:
>I think you found the "wrong" True Thrive Limited.
Ah, thanks.
>This appears to just be a name collision. Naming is hard :(
Actually if you think that's tough, try figuring out who the real Midco is...
Peter.
___
dev-security-p
On Sat, Oct 22, 2016 at 9:08 PM, Peter Gutmann
wrote:
> popcorn writes:
>
>>There were comments admonishing StartCom and WoSign for not reporting change
>>of ownership in a timely manner.
>>
>>I am not sure if this has been reported earlier, but if not, then Qihoo 360
>>change of ownership may be
popcorn writes:
>There were comments admonishing StartCom and WoSign for not reporting change
>of ownership in a timely manner.
>
>I am not sure if this has been reported earlier, but if not, then Qihoo 360
>change of ownership may be relevant to the current discussion:
>
>http://www.prnewswire.c
On Thu, Oct 20, 2016 at 1:57 PM, Kathleen Wilson wrote:
> 1) Distrust certificates with a notBefore date after October 21, 2016 which
> chain up to the following affected roots. If additional back-dating is
> discovered (by any means) to circumvent this control, then Mozilla will
> immediately
On Sat, 22 Oct 2016 16:26:51 +0200, Jakob Bohm wrote:
> Thus the need for those who obtaind OV code
> signing certificates from StartCom to start looking for alternatives,
> and my suggestion, as a public service, that someone here might chime
> in with the names of small/individual developer frie
On 22/10/2016 14:59, Ryan Sleevi wrote:
On Saturday, October 22, 2016 at 5:11:29 AM UTC-7, Jakob Bohm wrote:
Talking of codesigning, which root store does Chrome use to validate
signatures on the PPAPI plug ins it is currently forcing developers to
switch to?
I've mentioned to you repeatedly t
On 21/10/2016 10:38, Han Yuwei wrote:
I think this is a major mistake and a investgation should be conducted for CPS
is a critical document about CA. This is not just a translation problem but a
version control problem. Sometimes it can be lying.
Let me try to be more specific:
When publis
On 22/10/2016 02:24, Gervase Markham wrote:
On 21/10/16 17:21, Eric Mill wrote:
Can you confirm whether this affects people who subscribed through Google
Groups but participate via email, or whether it only impacts users who read
the list through the Google Groups web interface?
The lack-of-me
On 21/10/2016 00:24, Gervase Markham wrote:
On 20/10/16 15:05, Kathleen Wilson wrote:
You are receiving this email because our records indicate that there
are non-technically-constrained intermediate certificates that chain
up to your root certificates that are included in Mozilla’s program
that
On 18/10/2016 20:40, Eric Mill wrote:
The first thing that comes to mind is to define an intermediate
representation of per-root constraints, that Mozilla can distribute
alongside certdata.txt.
The simplest piece would be name constraints, but incorporating things like
CT constraints and date-ba
On Saturday, October 22, 2016 at 5:11:29 AM UTC-7, Jakob Bohm wrote:
> Talking of codesigning, which root store does Chrome use to validate
> signatures on the PPAPI plug ins it is currently forcing developers to
> switch to?
I've mentioned to you repeatedly that no one uses the code signing store
On 18/10/2016 20:50, douglas.beat...@gmail.com wrote:
On Monday, October 17, 2016 at 4:19:34 PM UTC-7, Jakob Bohm wrote:
On 16/10/2016 09:59, Adrian R. wrote:
Hello
i read in the news (but not here on m.d.s.p) that a few days ago Globalsign
revoked one of their intermediary roots and then un-
On 22/10/2016 00:57, Jernej Simončič wrote:
On Fri, 21 Oct 2016 10:03:46 -0700 (PDT), Han Yuwei wrote:
I am also a StartCom's SSL & S/MIME certificate user. The only problem for me
is that I must re-config nginx. S/MIME have a lot of alternatives for free. Code
Signing may only works on Windo
13 matches
Mail list logo