On 08/03/2017 06:27, Ryan Sleevi wrote:
On Tue, Mar 7, 2017 at 11:23 PM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
I saw nothing in Gervs posting suggesting that banning all kinds of
RA/DTP relationships was the intended effect.
But would you also
On Tue, Mar 7, 2017 at 9:27 PM, Ryan Sleevi via dev-security-policy
wrote:
> On Tue, Mar 7, 2017 at 11:23 PM, Jakob Bohm via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
]>
>> For example, an RA whose sole involvement is to receive a
On Tue, Mar 7, 2017 at 11:23 PM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> I saw nothing in Gervs posting suggesting that banning all kinds of
> RA/DTP relationships was the intended effect.
But would you also acknowledge that your originally stated
On 08/03/2017 04:21, Ryan Sleevi wrote:
On Tue, Mar 7, 2017 at 8:08 PM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
I contradicted you in saying that RAs (or DTP as you now want to call
them) were not supposed to be banned by the policy change.
DTPs
Im trying to keep score here but am having difficulties. Can someone
confirm if the following statements are correct:- Google has acquired
2 root certificates from GMO GlobalSign but not the company itself. GMO
GlobalSign will continue to own other roots and will use only those other roots
On Tue, Mar 7, 2017 at 8:08 PM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
>
> I contradicted you in saying that RAs (or DTP as you now want to call
> them) were not supposed to be banned by the policy change.
>
DTPs are the terms from the Baseline
On 08/03/2017 01:40, Ryan Sleevi wrote:
On Tue, Mar 7, 2017 at 6:26 PM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
On 07/03/2017 21:37, Ryan Sleevi wrote:
To make it simpler, wouldn't be a Policy Proposal be to prohibit Delegated
Third Parties from
On Tue, Mar 7, 2017 at 6:26 PM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On 07/03/2017 21:37, Ryan Sleevi wrote:
>>
>> To make it simpler, wouldn't be a Policy Proposal be to prohibit Delegated
>> Third Parties from participating in the issuance
On Tue, Mar 7, 2017 at 6:01 PM, Kathleen Wilson via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> 1) Domain Validation Methods
> For the CA, I recommend reviewing section 3.2.2.4 of version 1.4.1 of the
> CA/Browser Forum’s Baseline Requirements, because many of the
On 07/03/2017 21:37, Ryan Sleevi wrote:
On Tue, Mar 7, 2017 at 6:37 AM, Gervase Markham via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
Policy Proposal 1: require all CAs to arrange it so that certs validated
by an RA are issued from one or more intermediates dedicated
Thank you Andrew and Ryan for your feedback on this request to include the
"TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1" root certificate, and enable
the Websites trust bit.
Note that the new SHA-256 root certificate will replace the SHA1 “TÜBİTAK UEKAE
Kök Sertifika Hizmet Sağlayıcısı -
On Tue, Mar 7, 2017 at 6:37 AM, Gervase Markham via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Policy Proposal 1: require all CAs to arrange it so that certs validated
> by an RA are issued from one or more intermediates dedicated solely to
> that RA, with such
On 07/03/2017 18:29, Ryan Hurst wrote:
pzb: I appreciate you finally sending responses. I hope you appreciate
that they are clearly not adequate, in my opinion. Please see the
comments inline.
Again, sorry for the delay in responding, I will be more prompt moving
forward.
pzb: This
On Tue, Mar 7, 2017 at 9:14 AM, tuubaonder--- via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> This section states "WHOIS records pertinent to domain name specified in
> the certificate application shall be verified via 'www.nic.tr'". It would
> be useful to have more
> pzb: I appreciate you finally sending responses. I hope you appreciate
> that they are clearly not adequate, in my opinion. Please see the
> comments inline.
Again, sorry for the delay in responding, I will be more prompt moving
forward.
> pzb: This does not resolve the concern. The BRs
Hi Andrew and Kathleen,
Thanks Andrew for reviewing our CPS document. We have updated the CPS document
by the direction of your indications. Also you can find our replies below:
1.2 Document Name and Identification
Document version number is 3, but the front page and headers say version
1.
On Tue, Mar 7, 2017 at 5:09 AM, Gervase Markham via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> > 1.1 Scope
> > Item 2:
> > Bullet 1: This would allow the anyEKU to be considered 'out of
> scope'.
> > Is that intentional? (notwithstanding Section 5.3.1)
> >
17 matches
Mail list logo