Re: Incapsula via GlobalSign issued[ing] a certificate for non-existing domain (testslsslfeb20.me)

Hi Jakob, On Thu, Mar 2, 2017 at 9:14 PM, Jakob Bohm via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > > I read his previous answer as saying that the system will in no case > extend the validity of a validation beyond the duration of the > certificate in which it was

Re: Incapsula via GlobalSign issued[ing] a certificate for non-existing domain (testslsslfeb20.me)

On 02/03/2017 00:59, Ryan Sleevi wrote: On Wed, Mar 1, 2017 at 12:12 PM, douglas.beattie--- via dev-security-policy wrote: On Wednesday, March 1, 2017 at 8:26:34 AM UTC-5, Peter Kurrasch wrote: Would it be possible to get a more precise answer other

A new US government CA for the web PKI

Hi all, Though we’re not at the point of filing an application for Mozilla’s root program, I wanted to share with this community the beginnings of an effort by the US government to start a new PKI intended for publicly trusted certificates. This effort is being led by the General Services

Re: SHA-1 serverAuth cert issued by Trustis in November 2016

On Friday, February 24, 2017 at 11:25:22 PM UTC, Gervase Markham wrote: > On 24/02/17 08:25, Andrew Ayer wrote: > > Below is an unrevoked SHA-1 serverAuth certificate for > > getset.trustis.com issued from this CA with a Not Before date of > > 2016-11-07. > > Blake: you wrote: "As part of the