Dear Ryan
You accuse our root status by saying:"We know that key has been run on
deficient infrastructure, with deficient software, and done deficient things..."
As a matter of a fact the ROOT resides on a FIPS140-2 L3 HSM and kept all it
life time in an offline status (in a robust SAFE) and was
On Wed, Feb 14, 2018 at 10:47 AM, Tim Smith via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Wednesday, February 14, 2018 at 8:43:19 AM UTC-8, Wayne Thayer wrote:
> > In this particular case, my conclusion is that the existing Mozilla
> > process is working. We have
On Wednesday, February 14, 2018 at 8:43:19 AM UTC-8, Wayne Thayer wrote:
> In this particular case, my conclusion is that the existing Mozilla
> process is working. We have documented a number of issues that when
> considered in aggregate warrant an investigation.
Hi Wayne,
Forgive me if I'm
It seems to me that some CA's hold unanswered Mozilla's questions because they
know that it will not cause any serious consequences. I mean removing a root
certificates from Mozilla Root Store. However, this point of view here seems to
have already been voiced.
On Wed, Feb 14, 2018 at 10:29 AM, YairE via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
>
> We take your recommendation and we consider generating a brand new root
> with a new key pair that will run only on the new CA software – whilst
> providing all the audits and needed
On Tue, Feb 13, 2018 at 11:26 PM, Paul Kehrer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On February 14, 2018 at 4:17:16 AM, Wayne Thayer via dev-security-policy (
> dev-security-policy@lists.mozilla.org) wrote:
>
> > The most recent BR audit report for the Visa
On Wed, Feb 14, 2018 at 10:27 AM, YairE via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Dear Ryan
>
> We need to refer to the points you have raised regarding the ROOT KEY – we
> must stress that the ROOT KEY and the ROOT CA are two different and
> separate entities.
>
Dear Wayne
We do understand the issues raised and instead of addressing each one
separately we would give a shorter answer:
We do agree that mistakes were made with this rootCA and we understand your
hesitation.
We also believe that our current CPS state is well and that we made a lot of
Dear Ryan
We need to refer to the points you have raised regarding the ROOT KEY – we must
stress that the ROOT KEY and the ROOT CA are two different and separate
entities.
Whilst the ROOT CA does have some history the ROOT KEY was never (and shouldn’t
be) in question.
“I hope you can
9 matches
Mail list logo