Re: Audit Letter Validation (ALV) on intermediate certs in CCADB

2019-11-19 Thread Kathleen Wilson via dev-security-policy
All, As Ryan points out, root store operators enforce the BRs in different ways. Ryan wrote: > (Writing in an official capacity for the Google/Chrome Root Program) > > Our expectation is that CAs will be filing incident reports for: > 1) The failure to include and document as in-scope within

How Certificates are Verified by Firefox

2019-11-19 Thread Wayne Thayer via dev-security-policy
If you are one of the many people who have wondered how exactly Firefox handles some aspect of certificate processing, you may be interested to know that we have recently updated the information on our wiki: https://wiki.mozilla.org/SecurityEngineering/Certificate_Verification I hope you find

Re: Audit Reminder Email Summary

2019-11-19 Thread Kathleen Wilson via dev-security-policy
Forwarded Message Subject: Summary of November 2019 Audit Reminder Emails Date: Tue, 19 Nov 2019 20:00:22 + (GMT) Mozilla: Audit Reminder CA Owner: D-TRUST Root Certificates: D-TRUST Root CA 3 2013 D-TRUST Root Class 3 CA 2 2009 D-TRUST Root Class 3 CA 2 EV 2009