Re: Suspicious test.com Cert Issued By GlobalSign

2017-03-17 Thread okaphone.elektronika--- via dev-security-policy
On Friday, 17 March 2017 17:28:12 UTC+1, douglas...@gmail.com wrote: > On Friday, March 17, 2017 at 5:37:38 AM UTC-4, Gervase Markham wrote: > > On 16/03/17 17:20, douglas beattie wrote: > > > Yes, RAs (trusted role employees) need to have the technical ability > > > to manually add domains to

Re: Suspicious test.com Cert Issued By GlobalSign

2017-03-17 Thread douglas.beattie--- via dev-security-policy
On Friday, March 17, 2017 at 5:37:38 AM UTC-4, Gervase Markham wrote: > On 16/03/17 17:20, douglas beattie wrote: > > Yes, RAs (trusted role employees) need to have the technical ability > > to manually add domains to accounts. They can verify domains in one > > of the 10 different methods and

Re: Next CA Communication

2017-03-17 Thread Peter Bowen via dev-security-policy
On Fri, Mar 17, 2017 at 8:30 AM, Gervase Markham via dev-security-policy wrote: > The URL for the draft of the next CA Communication is here: >

RE: Mozilla Root Store Policy 2.4.1

2017-03-17 Thread Jeremy Rowley via dev-security-policy
Given that the patent disclosures have been withdrawn, the proposed changes in ballot 190, and that the validation working group will be working on a revised ballot for the remaining methods during the face to face, could Action 1 include methods added/revised in ballots adopted after 1.4.1? That

Re: Mozilla Root Store Policy 2.4.1

2017-03-17 Thread Gervase Markham via dev-security-policy
On 06/03/17 15:10, Gervase Markham wrote: > The next stage in the improvement of the Mozilla Root Store Policy is > version 2.4.1. This is version 2.4, but rearranged significantly to have > a more topic-based ordering and structure to it. I have also made > editorial changes to clean up and

Next CA Communication

2017-03-17 Thread Gervase Markham via dev-security-policy
The URL for the draft of the next CA Communication is here: https://mozilla-mozillacaprogram.cs54.force.com/Communications/CACommunicationSurveySample?CACommunicationId=a050S00G3K2 Note that this is a _draft_ - the form parts will not work, and no CA should attempt to use this URL or the form

Re: Suspicious test.com Cert Issued By GlobalSign

2017-03-17 Thread Gervase Markham via dev-security-policy
On 16/03/17 17:20, douglas.beat...@gmail.com wrote: > Yes, RAs (trusted role employees) need to have the technical ability > to manually add domains to accounts. They can verify domains in one > of the 10 different methods and some of those involve manually > looking in who-is for registrant

Re: Symantec: Next Steps

2017-03-17 Thread Gervase Markham via dev-security-policy
On 16/03/17 13:15, Ryan Sleevi wrote: > Or, put differently, it sounds as if you suggest the only obligation a CA > has to ensure their DTP auditors are qualified for the task at hand is if, > and only if, Mozilla requests those audits. In the absence of that request, > the CA is allowed to make