On Fri, 23 Oct 2020 at 17:33, Ryan Sleevi wrote:
>
> On Fri, Oct 23, 2020 at 8:55 AM Matthias van de Meent via dev-security-policy
> wrote:
>>
>> The current MRSP do not bind the requirements on the reporting of
>> incidents to the CA that the incident was filed on, but generally to
>> CAs.
>>
2020년 10월 10일 토요일 오전 7시 31분 12초 UTC+9에 George님이 작성한 내용:
> Minor but it seems like all certificates with a stateOrProvinceName field are
> misissued. The ST field should probably be the "Gyeonggi-do" as the
> "Seongnam-si" entered is a city.
>
>
>
> ‐‐‐ Original Message ‐‐‐
> On
2020년 10월 10일 토요일 오전 7시 31분 12초 UTC+9에 George님이 작성한 내용:
> Minor but it seems like all certificates with a stateOrProvinceName field are
> misissued. The ST field should probably be the "Gyeonggi-do" as the
> "Seongnam-si" entered is a city.
>
>
>
> ‐‐‐ Original Message ‐‐‐
> On
Hi,
Please see NBP’s response to Matthias and Ryan’s comments.
2020년 10월 22일 목요일 오전 3시 29분 40초 UTC+9에 Ryan Sleevi님이 작성한 내용:
> On Wed, Oct 21, 2020 at 2:09 PM Matthias van de Meent via
> dev-security-policy wrote:
>
> > Hi,
> >
> > In the CPS v1.4.3 of NAVER, section 4.9.3, I found the
On Fri, Oct 23, 2020 at 8:55 AM Matthias van de Meent via
dev-security-policy wrote:
> The current MRSP do not bind the requirements on the reporting of
> incidents to the CA that the incident was filed on, but generally to
> CAs.
>
> Section 2.4 has the general requirement for a CA to report
On Thu, 22 Oct 2020, 20:53 Ben Wilson via dev-security-policy,
wrote:
> That proposal is to have section 2.4 read as follows: "If
> being audited to the WebTrust criteria, the Management Assertion letter
> MUST include all known incidents that occurred or were still
> open/unresolved at any time
6 matches
Mail list logo