On Tue, Oct 22, 2019 at 9:51 PM Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> I have added this proposal to the 2.7 branch:
>
> https://github.com/mozilla/pkipolicy/commit/fa843039285b10030490c7eb54d1b754edae1fbc
>
> I will greatly appreciate everyone's
Having received no comments, I did not add the proposed guidance on status
update frequency, but I did make the "marked as resolved" change that
Jeremy suggested:
https://github.com/mozilla/pkipolicy/commit/bad3fedc10e1fe9d5237760093ad235326e3bd62
An additional related change has been proposed in
On Tue, Oct 22, 2019 at 4:23 PM Ryan Sleevi wrote:
>
> On Tue, Oct 22, 2019 at 6:31 PM Wayne Thayer via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> > I'm also not sure if I understand the wording correctly. Let's assume,
>> an
>> > internal CA of company
The primary purpose of forwarding the Intent to Ship email to this list was
to inform the community of this planned change and the reasoning behind it.
Mozilla considered lots of information prior to announcing the change, and
during the vigorous debate that ensued, we continued to listen without
On Tue, Oct 22, 2019 at 03:35:52PM -0700, Kirk Hall via dev-security-policy
wrote:
> I also have a question for Mozilla on the removal of the EV UI.
This is a mischaracterisation. The EV UI has not been removed, it has been
moved to a new location.
> So my question to Mozilla is, why did
On Tue, Oct 22, 2019 at 6:31 PM Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> > I'm also not sure if I understand the wording correctly. Let's assume, an
> > internal CA of company "mycompany" gets successfully validated for
> > mycompany.example and
On Tue, Oct 22, 2019 at 1:38 PM Paul Walsh via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Thanks Johann. Much appreciated. Would you be kind enough to email me a
> screen shot to save me the trouble of installing an older version and then
> waiting for an update? :)
>
>
I also have a question for Mozilla on the removal of the EV UI. This issue
started with a posting by Mozilla on August 12, but despite 237 subsequent
postings from many members of the Mozilla community, I don't think Mozilla
staff ever responded to anything or anyone - not to explain or
On Tue, Oct 22, 2019 at 10:59 AM Buschart, Rufus via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> > > Sounds good. This was your proposed response to solving this issue
> > > back on May 13, so it's full circle :)
> > >
> > >
> > > I'm going to consider this issue
I made a change to the new section 8.1 language intended to include in the
scope both the transfer of existing subordinate CA certificates and the
signing of new subordinate CA certificates that are controlled by an
organization other than the CA:
Thanks Johann. Much appreciated. Would you be kind enough to email me a screen
shot to save me the trouble of installing an older version and then waiting for
an update? :)
Thanks,
- Paul
> On Oct 22, 2019, at 1:29 PM, Johann Hofmann wrote:
>
> Hi Paul,
>
> thanks for the heads up. This
Hi Paul,
thanks for the heads up. This wasn't intentional and I've reached out to
get the security UI changes added to the release notes for 70. You're right
that this is significant enough to be included. The page should be updated
very soon, so that most users will see the new version (due to
Directly question for Mozilla.
Today, the website identity UI was removed from Firefox. “We" new it was
coming. But millions of users didn’t.
Why wasn’t this mentioned in the release notes on the page that’s automatically
opened following the update?
Someone might say “they didn’t know it
> > Sounds good. This was your proposed response to solving this issue
> > back on May 13, so it's full circle :)
> >
> >
> > I'm going to consider this issue resolved unless there are further
> > comments.
>
> Just checking whether the following is acceptable.
>
> If a CA validates the
On 2019-10-22 7:28 μ.μ., Wayne Thayer wrote:
The CA SHALL NOT delegate validation of the domain part of
an e-mail
address.
This is
https://github.com/mozilla/pkipolicy/commit/85ae5a1b37ca8e5138d56296963195c3c7dec85a
Sounds good.
On Mon, Oct 21, 2019 at 7:01 PM Ryan Sleevi wrote:
>
> On Mon, Oct 21, 2019 at 7:58 PM Wayne Thayer wrote:
>
>> The CA MUST verify all e-mail addresses using a process that is
>>> substantially similar to the process used to verify domain names, as
>>> described in the Baseline Requirements.
16 matches
Mail list logo