Re: Policy 2.7 Proposal: Clarify Section 5.1 ECDSA Curve-Hash Requirements

On Mon, Apr 22, 2019 at 6:20 PM Brian Smith wrote: > There are three (that I can think of) sources of confusion: > > 1. Is there any requirement that the signature algorithm that is used to > sign a certificate be correlated in any way to the algorithm of the public > key of the signed

Re: Policy 2.7 Proposal: Require EKUs in End-Entity Certificates

On 24/4/2019 10:18 π.μ., Matt Palmer via dev-security-policy wrote: On Wed, Apr 24, 2019 at 09:13:31AM +0300, Dimitris Zacharopoulos via dev-security-policy wrote: I support this update but I am not sure if this is somehow linked with the scope of the Mozilla Policy. Does this change mean

Re: Policy 2.7 Proposal: Require EKUs in End-Entity Certificates

On Wed, Apr 24, 2019 at 09:13:31AM +0300, Dimitris Zacharopoulos via dev-security-policy wrote: > I support this update but I am not sure if this is somehow linked with the > scope of the Mozilla Policy. Does this change mean that after April 1, 2020, > any Certificate that does not have an EKU

Re: Policy 2.7 Proposal: Require EKUs in End-Entity Certificates

On 24/4/2019 2:09 π.μ., Wayne Thayer via dev-security-policy wrote: On Fri, Apr 19, 2019 at 7:12 PM Matt Palmer via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: On Fri, Apr 19, 2019 at 01:22:59PM -0700, Wayne Thayer via dev-security-policy wrote: Okay, then I propose