Re: EJBCA defaulting to 63 bit serial numbers

2019-03-09 Thread Wayne Thayer via dev-security-policy
On Sat, Mar 9, 2019 at 12:49 PM Dimitris Zacharopoulos via dev-security-policy wrote:
>
> The question I'm having trouble answering, and I would appreciate if
> this was answered by the Mozilla CA Certificate Policy Module Owner, is
>
> "does Mozilla treat this finding as a violation of the

Re: EJBCA defaulting to 63 bit serial numbers

2019-03-09 Thread James Burton via dev-security-policy
What concerns me overall in this discussion is the fact that some CAs thought it was completely acceptable to barely scrape through to meet the most basic minimum of requirements. I hope these CAs have a better security posture and are not operating at the minimum. Thank you, Burton On Sat, Mar

Re: EJBCA defaulting to 63 bit serial numbers

2019-03-09 Thread Ryan Sleevi via dev-security-policy
On Sat, Mar 9, 2019 at 2:49 PM Dimitris Zacharopoulos wrote:
> The question I'm having trouble answering, and I would appreciate if this
> was answered by the Mozilla CA Certificate Policy Module Owner, is
>
> "does Mozilla treat this finding as a violation of the current language of
> section

Re: EJBCA defaulting to 63 bit serial numbers

2019-03-09 Thread Tomas Gustavsson via dev-security-policy
Hi, As others have already pointed out, the subject in this thread is incorrect. There are no, and have never been any, 63 bit serial numbers created by EJBCA. As the specific topic has already been discussed, I just wanted to reference the post[1] with technical details, if anyone ends up

Re: EJBCA defaulting to 63 bit serial numbers

2019-03-09 Thread Dimitris Zacharopoulos via dev-security-policy
On 9/3/2019 2:37 μ.μ., Ryan Sleevi wrote: I’m chiming in, Dimitris, as it sounds like you may have unintentionally misrepresented the discussion and positions, and I want to provide you, and possibly HARICA, the guidance and clarity it needs in this matter. On Sat, Mar 9, 2019 at 12:46 AM

Re: EJBCA defaulting to 63 bit serial numbers

2019-03-09 Thread Ryan Sleevi via dev-security-policy
I’m chiming in, Dimitris, as it sounds like you may have unintentionally misrepresented the discussion and positions, and I want to provide you, and possibly HARICA, the guidance and clarity it needs in this matter. On Sat, Mar 9, 2019 at 12:46 AM Dimitris Zacharopoulos via dev-security-policy

Re: A modest proposal for a better BR 7.1

2019-03-09 Thread James Burton via dev-security-policy
Matt's right, you need to discuss this on the CAB Forum.

Burton

On Sat, Mar 9, 2019 at 9:10 AM Matt Palmer via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:
> On Fri, Mar 08, 2019 at 08:43:49PM -0600, Matthew Hardeman via
> dev-security-policy wrote:
> > I know this

Re: A modest proposal for a better BR 7.1

2019-03-09 Thread Matt Palmer via dev-security-policy
On Fri, Mar 08, 2019 at 08:43:49PM -0600, Matthew Hardeman via dev-security-policy wrote:
> I know this isn't the place to bring a BR ballot, but I'm not presently a
> participant there.

My understanding is that discussing potential BR changes here is actively counter-productive, because of