Re: SSL.com root inclusion request

2017-10-16 Thread Gervase Markham via dev-security-policy
On 13/10/17 15:41, Gervase Markham wrote:
> Er, we should fix that...
Well, actually it's scoped as being inside the original EV cert request, so there's probably no harm in practice. If any CAB Forum member wants to fix this small error, great, but I've got too many other ballot ideas to juggle.

Re: Proposed change to CA contact policy

2017-10-16 Thread Gervase Markham via dev-security-policy
On 11/10/17 11:50, Gervase Markham wrote:
> Kathleen now says she would prefer to email the Primary POCs and CC the
> email aliases. Handily, this allows for what you suggest. So consider
> the proposal changed to that.
Or rather, email the primary POCs and CC the first email alias.
Gerv

RSA key generation vulnerability in Infineon firmware

2017-10-16 Thread Alex Gaynor via dev-security-policy
Hi all, Today researchers announced a vulnerability they discovered in RSA keys generated by a particular piece of firmware, which allows practical factorization of the private key given just the public key. Full details of the research here: https://crocs.fi.muni.cz/public/papers/rsa_ccs17 Ther

Re: RSA key generation vulnerability in Infineon firmware

2017-10-16 Thread Matthew Hardeman via dev-security-policy
This is an interesting one. The same researchers also published some spooky research last year in which they're able to fingerprint an RSA public key and determine the probability that a given library or device generated the key pair. Which is scary. If they're able to reliably fingerprint tha

Mozilla’s Plan for Symantec Roots

2017-10-16 Thread Gervase Markham via dev-security-policy
As per previous discussions and https://wiki.mozilla.org/CA:Symantec_Issues, a consensus proposal[0] was reached among multiple browser makers for a graduated distrust of Symantec roots. Here is Mozilla’s planned timeline for the graduated distrust of Symantec roots (subject to change): * January

Re: Mozilla’s Plan for Symantec Roots

2017-10-16 Thread Eric Mill via dev-security-policy
Adding code to Firefox to support the distrust of specified subCAs seems like it would be a good long-term investment for Mozilla, as it would give Mozilla a lot more flexibility during future distrust events. -- Eric On Mon, Oct 16, 2017 at 1:32 PM, Gervase Markham via dev-security-policy < dev-

Efficient test for weak RSA keys generated in Infineon TPMs / smartcards

2017-10-16 Thread Matthew Hardeman via dev-security-policy
The authors of the paper on the weak RSA keys generated by Infineon TPMs and smart cards have published code in multiple languages / platforms that provide for an efficient test for weakness by way of the Infineon TPM bug. Perhaps this should be a category of issue identified by the crt.sh engin

Re: Mozilla’s Plan for Symantec Roots

2017-10-16 Thread Daniel Cater via dev-security-policy
On Monday, 16 October 2017 18:32:54 UTC+1, Gervase Markham wrote:
> = Symantec roots to be disabled via code, *not* removed from NSS =
>
> GeoTrust Global CA
> GeoTrust Primary Certification Authority - G2
> GeoTrust Primary Certification Authority - G3
>
> = Symantec roots that will be fully re

Re: Mozilla’s Plan for Symantec Roots

2017-10-16 Thread Peter Bowen via dev-security-policy
On Mon, Oct 16, 2017 at 10:32 AM, Gervase Markham via dev-security-policy wrote:
> As per previous discussions and
> https://wiki.mozilla.org/CA:Symantec_Issues, a consensus proposal[0] was
> reached among multiple browser makers for a graduated distrust of
> Symantec roots.
>
> Here is Mozilla’s

Re: Efficient test for weak RSA keys generated in Infineon TPMs / smartcards

2017-10-16 Thread Rob Stradling via dev-security-policy
On 16/10/17 20:01, Matthew Hardeman via dev-security-policy wrote: The authors of the paper on the weak RSA keys generated by Infineon TPMs and smart cards have published code in multiple languages / platforms that provide for an efficient test for weakness by way of the Infineon TPM bug. Perh

Re: SSL.com root inclusion request

2017-10-16 Thread Kathleen Wilson via dev-security-policy
Thank you to those of you who reviewed and commented on this request from SSL.com to include the “SSL.com Root Certification Authority RSA”, “SSL.com Root Certification Authority ECC”, “SSL.com EV Root Certification Authority RSA R2”, and “SSL.com EV Root Certification Authority ECC” root certif

Re: Efficient test for weak RSA keys generated in Infineon TPMs / smartcards

2017-10-16 Thread Jakob Bohm via dev-security-policy
On 16/10/2017 21:01, Matthew Hardeman wrote: The authors of the paper on the weak RSA keys generated by Infineon TPMs and smart cards have published code in multiple languages / platforms that provide for an efficient test for weakness by way of the Infineon TPM bug. Perhaps this should be a c

Re: Efficient test for weak RSA keys generated in Infineon TPMs / smartcards

2017-10-16 Thread Matt Palmer via dev-security-policy
On Mon, Oct 16, 2017 at 09:14:29PM +0100, Rob Stradling via dev-security-policy wrote:
> On 16/10/17 20:01, Matthew Hardeman via dev-security-policy wrote:
> > The authors of the paper on the weak RSA keys generated by Infineon TPMs
> > and smart cards have published code in multiple languages /