Re: CCADB disclosure of id-kp-emailProtection intermediates

Mozilla's April 15 deadline for disclosure of email intermediates that are not technically constrained has now passed. I have created the following bugs for the certificates listed at https://crt.sh/mozilla-disclos ures#undisclosed * Firmaprofesional:

Re: Policy 2.6 Proposal: Require CAs to support problem reports via email

On 18/4/2018 9:50 μμ, Wayne Thayer via dev-security-policy wrote: On Wed, Apr 18, 2018 at 12:14 AM, Dimitris Zacharopoulos via dev-security-policy wrote: On 18/4/2018 12:04 πμ, Jeremy Rowley via dev-security-policy wrote: Having to go through

Re: Policy 2.6 Proposal: Require CAs to support problem reports via email

On Wed, Apr 18, 2018 at 2:50 PM, Wayne Thayer via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On Wed, Apr 18, 2018 at 12:14 AM, Dimitris Zacharopoulos via > dev-security-policy wrote: > > > On 18/4/2018 12:04 πμ, Jeremy Rowley via

Re: RAs and the BRs

On Tue, Apr 17, 2018 at 9:21 PM, Jeremy Rowley via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > There is a way to get zero-validation certs, totally legit, under the BRs. > Currently, the BRs permit pretty much free delegation of Registration > Authorities for everything

Re: Policy 2.6 Proposal: Require CAs to support problem reports via email

On Wed, Apr 18, 2018 at 3:14 AM, Dimitris Zacharopoulos via dev-security-policy wrote: > Mail servers receive tons of SPAM everyday and an email address target is > a very easy target for popular CAs. We should also consider the possibility > of accidental

Re: Policy 2.6 Proposal: Require CAs to support problem reports via email

On 18/4/2018 12:04 πμ, Jeremy Rowley via dev-security-policy wrote: Having to go through captchas to even get the email sent is just another obstacle in getting the CA a timely certificate problem report Nowadays, people deal with captchas all the time in various popular web sites. I don't