Hi Gerv--Is Mozilla willing to consider a simpler approach in this matter? For example, it seems that much of the complexity of the Google/Symantec proposal stems from this new PKI idea. I think Mozilla could obta
Happy Monday!
Another week, another set of intermediate certs that have shown up in CT
without having been properly disclosed:
https://crt.sh/mozilla-disclosures#undisclosed
There are four intermediates here, and with the exception of the StartCom one,
they were all issued more than a year ago.
As I
Hi all,
I thought it prudent in light of the recent response from Symantec regarding
the Google Chrome proposal for remediation to raise the question of the
possible remedies the community and the root programs have against a CA
behaving badly (mis-issuances, etc.)
Symantec makes a number of c
On Mon, Jun 5, 2017 at 11:52 AM, Matthew Hardeman via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
>
> Has there ever been an effort by the root programs to directly assess
> monetary penalties to the CAs -- never for inclusion -- but rather as part
> of a remediation program
+1
Thanks,
M.D.
On 6/5/2017 7:16 PM, Ryan Sleevi via dev-security-policy wrote:
On Mon, Jun 5, 2017 at 11:52 AM, Matthew Hardeman via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
Has there ever been an effort by the root programs to directly assess
monetary penalties to
On Mon, Jun 5, 2017 at 9:16 AM, Ryan Sleevi via dev-security-policy
wrote:
> On Mon, Jun 5, 2017 at 11:52 AM, Matthew Hardeman via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>>
>> Has there ever been an effort by the root programs to directly assess
>> monetary penalties
On 02/06/2017 17:12, Ryan Sleevi wrote:
On Fri, Jun 2, 2017 at 10:09 AM Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
On 02/06/2017 15:54, Ryan Sleevi wrote:
On Fri, Jun 2, 2017 at 9:33 AM, Peter Bowen wrote:
On Fri, Jun 2, 2017 at 4:27 AM, Ryan Sleevi
Consider, too, that removing trust from a CA has an economic sanction built-in: loss of business. For many CA's I imagine that serves as motivation enough for good behavior but others...possibly not. Either way, fi
On Mon, Jun 05, 2017 at 08:25:22PM -0500, Peter Kurrasch via
dev-security-policy wrote:
>Consider, too, that removing trust from a CA has an economic sanction
>built-in: loss of business. For many CA's I imagine that serves as
>motivation enough for good behavior but others...possibly
As an incidental, I am negatively influenced by reading Symantec's response:
On Friday, 2 June 2017 16:48:45 UTC+1, Steve Medin wrote:
>
> https://www.symantec.com/connect/blogs/symantec-s-response-google-s-subca-proposal
>
>
>
> > Our primary objective has always been to minimize any po
On Mon, Jun 5, 2017 at 6:21 PM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> If you read the paper, it contains a proposal for the CAs to countersign
> the computed super-crl to confirm that all entries for that CA match the
> actual revocations and non-revo
11 matches