Re: Rules about OCSP responders availability

2020-03-13 Thread Ryan Sleevi via dev-security-policy
https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.6.8.pdf 4.10.2. Service Availability The CA SHALL operate and maintain its CRL and OCSP capability with resources sufficient to provide a response time of ten seconds or less under normal operating conditions. On Fri, Mar 13, 2020 at

Re: About upcoming limits on trusted certificates

2020-03-13 Thread Ryan Sleevi via dev-security-policy
On Fri, Mar 13, 2020 at 2:38 PM Doug Beattie via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: > When we moved to SHA2 knew of security risks so the timeline could be > justified, however, I don’t see the same pressing need to move to annual > domain revalidation and 1 year

Microsec: Issuance of 2 IVCP precertificates without givenName, surName, localityName fields

2020-03-13 Thread Sándor dr . Szőke via dev-security-policy
1. How your CA first became aware of the problem (e.g. via a problem report submitted to your Problem Reporting Mechanism, a discussion in mozilla.dev.security.policy, a Bugzilla bug, or internal self-audit), and the time and date. Microsec became aware of the problem from the new discussion at

Rules about OCSP responders availability

2020-03-13 Thread tdelmas--- via dev-security-policy
Are there any rules (BRs, Mozilla's or other) about the availability of OCSP responders (like for CT logs)? It looks like http://ocsp2.globalsign.com/cloudsslsha2g3 is not working (at least partially) for more than 12 hours now: https://twitter.com/kermiite/status/1238585131767599106

Re: About upcoming limits on trusted certificates

2020-03-13 Thread Santhan via dev-security-policy
On Wednesday, March 11, 2020 at 4:11:56 PM UTC-7, Kathleen Wilson wrote: > To start with, it is common for a domain name to be purchased for one > year. A certificate owner that was able to prove ownership/control of > the domain name last year might not have renewed the domain name. So why >

RE: About upcoming limits on trusted certificates

2020-03-13 Thread Doug Beattie via dev-security-policy
Hi Kathleen, I think a clear description of why the change is needed is a great first step and will help explain why this change is needed and justify the timeline (and Ryan's ballot SC22 had a number of suggestions, some good and some weak, imo). When we moved to SHA2 knew of security risks

AW: Request to Include Microsec e-Szigno Root CA 2017 and to EV-enable Microsec e-Szigno Root CA 2009

2020-03-13 Thread Wiedenhorst, Matthias via dev-security-policy
Hello Ryan, my message was not meant as a response to your previous message but as a general contribution. I know that you have deepest knowledge around the different audit schemes. However, others on this list might be less familiar with audits. That’s why I thought it might be useful to