Re: question about DNS CAA and S/MIME certificates

2018-05-11 Thread Wayne Thayer via dev-security-policy
I created a new issue suggesting that we add this requirement to Mozilla policy: https://github.com/mozilla/pkipolicy/issues/135 On Wed, May 9, 2018 at 4:59 PM Ryan Sleevi via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On Wed, May 9, 2018 at 11:47 AM, Adrian R. via

Re: Root Store Policy 2.6

2018-05-11 Thread Wayne Thayer via dev-security-policy
We're concluding discussions on all of the issues identified for version 2.6 of the policy [1]. You can find a complete set of changes here: https://github.com/mozilla/pkipolicy/compare/master...2.6 Two of the changes [2][3] require CAs to update their CP/CPS. For many CAs the current practice

Re: Policy 2.6 Proposal: Update Minimum Audit Versions

2018-05-11 Thread Wayne Thayer via dev-security-policy
My understanding of this discussion is that it is too soon to increase the minimum required versions of EN 319 411-1 and 319 411-2. I will only make the proposed change to the WebTrust EV version in the 2.6 policy update. - Wayne On Fri, May 11, 2018 at 12:19 PM wrote: >

Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

2018-05-11 Thread Wayne Thayer via dev-security-policy
Doug, On Thu, May 10, 2018 at 10:57 AM Doug Beattie wrote: > Hi Wayne, > > > > I’m OK with this as long as this permits the password (fully or partially > generated by the CA) and PKCS#12 file to be picked up by a user over HTTPS > (a single channel). > > > This

RE: Policy 2.6 Proposal: Update Minimum Audit Versions

2018-05-11 Thread Dimitris Zacharopoulos via dev-security-policy
Thanks Peter, I think we are in agreement. Dimitris. -----Original Message----- From: "Peter Miškovič via dev-security-policy" To: Dimitris Zacharopoulos, Wayne Thayer, mozilla-dev-security-policy

RE: Policy 2.6 Proposal: Update Minimum Audit Versions

2018-05-11 Thread Peter Miškovič via dev-security-policy
Hi Dimitris, you can find the official list of ETSI published standards at http://www.etsi.org/standards-search#Pre-defined%20Collections If you search for ETSI EN 319 411 you can find that the only officially ETSI-published versions of ETSI EN 319 411-1 were V1.1.1 (2016-02) and V1.2.2