This seems like an absolute no-brainer to me. DarkMatter's past behavior and line of business are fundamentally incompatible with the level of trust reposed in CA's. This is not even a close call. I believe Mozilla should: 1. Deny the root inclusion request; 2. Add the intermediate CA certificates that were signed by QuoVadis to OneCRL; and 3. Demand an explanation from DigiCert as to why the intermediate CA certificates were issued in the first place and why they remain unrevoked. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
- Re: DarkMatter Co... rjarrrpcgp--- via dev-security-policy
- Re: DarkMatter Concer... Kurt Roeckx via dev-security-policy
- Re: DarkMatter Concerns Scott Rea via dev-security-policy
- Re: DarkMatter Concerns Kurt Roeckx via dev-security-policy
- Re: DarkMatter Concerns Scott Rea via dev-security-policy
- Re: DarkMatter Concerns Nex via dev-security-policy
- Re: DarkMatter Concerns ferenn.gnoll--- via dev-security-policy
- Re: DarkMatter Concerns alex.gaynor--- via dev-security-policy
- Re: DarkMatter Concerns Todd Troxell via dev-security-policy
- Re: DarkMatter Concerns namedcesar--- via dev-security-policy
- Re: DarkMatter Concerns cwbussard--- via dev-security-policy
- Re: DarkMatter Concerns eve.shime--- via dev-security-policy
- Re: DarkMatter Concerns Corey Bonnell via dev-security-policy
- Re: DarkMatter Concerns Scott Rea via dev-security-policy
- Re: DarkMatter Concerns Corey Bonnell via dev-security-policy
- Re: DarkMatter Concer... Scott Rea via dev-security-policy
- Re: DarkMatter Co... Matt Palmer via dev-security-policy
- Re: DarkMatt... Peter Gutmann via dev-security-policy
- Re: DarkMatter Co... Scott Rea via dev-security-policy
- Re: DarkMatt... Paul Kehrer via dev-security-policy
- Re: Dark... Scott Rea via dev-security-policy