On Thu, Dec 20, 2018 at 4:54 PM Matt Palmer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Thu, Dec 20, 2018 at 10:34:21PM +, Jeremy Rowley via
> dev-security-policy wrote:
> > Here’s the first of the companies. Figured I’d do one and see if it has
> the
On Thu, Dec 20, 2018 at 10:34:21PM +, Jeremy Rowley via dev-security-policy
wrote:
> Here’s the first of the companies. Figured I’d do one and see if it has the
> information you want.
>
> https://bugzilla.mozilla.org/show_bug.cgi?id=1515788
Complete side-note: when the customer said you
Hey all,
Here’s the first of the companies. Figured I’d do one and see if it has the
information you want.
https://bugzilla.mozilla.org/show_bug.cgi?id=1515788
I think this answers all of your questions (except Ryan’s question about
remediation). Could you let me know if more
I can break down the date by customer. April 30 was the last date for all
customers. The actual revocation occurs sometime between Jan 15th and April
30th (still working on a per cert basis to determine this). Note that we
actually have the 30 day option available and are recommending it as a
Thanks for filing this, Jeremy.
If I understand correctly, the request DigiCert is asking is: "If we
submitted this as an incident report, would it be likely that conversations
about distrusting DigiCert would begin?", and that's what you're trying to
gauge from the community?
I think Wayne's
Thanks Wayne. Happy to update with that information. We’ll try to provide it
all be end of the year, definitely before Jan 12. I can answer two of these
generally now:
* Reason that publicly-trusted certificates are in use
- They are used on websites and infrastructure accessed through
Jeremy,
On Wed, Dec 19, 2018 at 10:55 PM Jeremy Rowley via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Done:
>
>
>
> https://bugzilla.mozilla.org/show_bug.cgi?id=1515564
>
> Thanks for submitting this.
>
>
> It ended up being about 1200 certs total that we are hearing
7 matches
Mail list logo