Re: Request to Include SHECA UCA Global G2 Root and UCA Extended Validation Root

在 2018年9月13日星期四 UTC+8上午9:16:13，westm...@gmail.com写道： > Quote: > * Root Certificate Download URL: > Extended Validation Root: http://www.sheca.com/download/getdownloadforpdf/73 > > Hello, > At this URL - 404 Not found. > > Sincerely, > Andrew. Hi Andrew， pls download here:

Re: Request to Include SHECA UCA Global G2 Root and UCA Extended Validation Root

Quote: * Root Certificate Download URL: Extended Validation Root: http://www.sheca.com/download/getdownloadforpdf/73 Hello, At this URL - 404 Not found. Sincerely, Andrew. ___ dev-security-policy mailing list dev-security-policy@lists.mozilla.org

Re: Request to Include SHECA UCA Global G2 Root and UCA Extended Validation Root

Thank you Toria. On Tue, Sep 11, 2018 at 7:32 AM chenxiaotong--- via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > 在 2018年9月1日星期六 UTC+8上午7:19:49，Wayne Thayer写道： > > > > * The CP/CPS documents contain version histories, but they didn’t > describe > > what changed in each

Re: Incident Report - Misissuance of one certificate without DNS CAA authorization (Certigna)

Josselin: thank you for filing this incident report, and for your answers to the questions being asked in this thread. Please add the incident report to the related bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1485413 I will also ask you to answer the new questions that have been asked to

Re: Incident Report - Misissuance of one certificate without DNS CAA authorization (Certigna)

> The unqualified mention of "September 8" confused me at first, but it > obviously refers to the "CAA Mandatory BR" taking effect on "September > 8, 2017", thus the single misissuance probably happened between > September 8, 2017 and when they changed the policy on August 31, 2018. > >

Re: Incident Report - Misissuance of one certificate without DNS CAA authorization (Certigna)

On 12/09/2018 14:51, RS Tyler Schroder wrote: On Tuesday, September 11, 2018 at 3:34:45 AM UTC-4, josselin@gmail.com wrote: The audit of our previous CAA check practices ensured that the CA/B Forum requirements were met except for a single certificate for which the CA was not authorized

Re: Certigna Root Renewal Request

On Tue, Sep 11, 2018 at 12:37 AM josselin.allemandou--- via dev-security-policy wrote: > Hello, > > Thanks Wayne and Devon for your reply. > > We took the time to respond because we wanted to verify through an audit > that the SSL certificate requests processed since September 8th were in >

Re: Incident Report - Misissuance of one certificate without DNS CAA authorization (Certigna)

On Tuesday, September 11, 2018 at 3:34:45 AM UTC-4, josselin@gmail.com wrote: > The audit of our previous CAA check practices ensured that the CA/B Forum > requirements were met except for a single certificate for which the CA was > not authorized to issue according to the DNS CAA record. >

Re: Incident Report - Misissuance of one certificate without DNS CAA authorization (Certigna)

I have numbered the new questions from 13 and up and added 7 more questions at the end. On 12/09/2018 05:11, Matt Palmer wrote: On Tue, Sep 11, 2018 at 07:22:18AM -0700, josselin.allemandou--- via dev-security-policy wrote: Snipped the 12 questions that assumed this was an RA mistake