Re: [EXT] Symantec response to Google proposal

As an incidental, I am negatively influenced by reading Symantecs response: On Friday, 2 June 2017 16:48:45 UTC+1, Steve Medin wrote: > > https://www.symantec.com/connect/blogs/symantec-s-response-google- > s-subca-proposal > > > > > Our primary objective has always been to minimize any po

Re: Symantec Response L

On Tuesday, 11 April 2017 22:09:39 UTC+1, Eric Mill wrote: > On Tue, Apr 11, 2017 at 6:37 AM, Gervase Markham via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > > > An (interactive) picture might help illustrate what I'm pointing to. This > is the Federal PKI: > https://

Re: Over 14K 'Let's Encrypt' SSL Certificates Issued To PayPal Phishing Sites

This topic is frustrating in that there seems to be a wide attempt by people to use one form of authentication (DV TLS) to verify another form of authentication (EV TLS). There seems an issue for people not being able to understand that a FREE service with a vey low bar in knowledge requiremen

Re: Misissued/Suspicious Symantec Certificates

On Tuesday, 28 February 2017 17:45:19 UTC, Santhan Raj wrote: > WebTrust for Certification Authorities , SSL > BaselinewithNetwork Security, Version 2.0,available > at > http://www.webtrust.org/homepage‐documents/item79806.pdf. 404 - File or

Re: Talk at FOSDEM

Thank you for the link, Gerv. That was a very interesting watch. Curious correlation [post video] between Earnst and Young re:Wosign and Earnst and Young re: CrossCert (although I assume this CrossCert relationship was only forthcoming after your talk). And the gent around the 38 min