Re: TunRootCA2 root inclusion request

On Friday, March 9, 2018 at 10:30:18 PM UTC+1, Ryan Sleevi wrote: > On Tue, Feb 27, 2018 at 4:17 PM, Wayne Thayer via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > > This request has been in public discussion for more than 6 months, so I > > would like to make a

Re: TunRootCA2 root inclusion request

In addition to the issues Ryan has listed, during the root inclusion process multiple issues with their OCSP responder and CRL endpoints were observed and fixed only after the flaws were documented in the bug ( https://bugzilla.mozilla.org/show_bug.cgi?id=1233645). I believe any CA seeking

Re: TunRootCA2 root inclusion request

On Tue, Feb 27, 2018 at 4:17 PM, Wayne Thayer via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > This request has been in public discussion for more than 6 months, so I > would like to make a decision soon. If you have comments or concerns with > this request, please post

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

On Tue, Mar 6, 2018 at 4:45 AM, ramirommunoz--- via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > > 1 * The inclusion request references a much older CPS [3] that doesn't > list the 2016 versions of these roots or comply with current policies. I > only reviewed the newer

Re: AC Camerfirma Chambers of Commerce and Global Chambersign 2016 Root Inclusion Request

On Tuesday, March 6, 2018 at 3:45:47 AM UTC-8, ramiro...@gmail.com wrote: > Hi Wyne > here our answers to the ==Bad== issues we are working on the ==Meh== ones. > > 1 * The inclusion request references a much older CPS [3] that doesn't list > the 2016 versions of these roots or comply with

Re: ccadb.org

The ccadb.org site is now https. Please let me know if you run into any problems with the ccadb.org site. Thanks for your patience. Kathleen ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org

Re: Process of including ca root in mozilla

Every year the ca root will gave the official annual audit to mozilla who prove the respect of norms. this audits made from a recognized auditors ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org

Re: Process of including ca root in mozilla

Every year the ca root will gave the official annual audit to mozilla who prove the respect of norms. this audits made from a recognized auditors ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org

Re: Process of including ca root in mozilla

the risk still exists. for example a root ca included in mozilla and generates nonconforming certificates. what to do??? ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy

Re: Process of including ca root in mozilla

Is a good idea to limited the ca root at first at code country or the TLD of this country like .tr for turkey or .fr for France In second step this ca root put the new request for they other domain or code and this request take a profond and enforced check like 2 years of period.