Hi Wayne here you are a response to the qualified audits. As you remarks we
have include links to the previously reported bugs. We will keep you informed
about the remediation process plan. Sorry for the delay as you know Juan Angel
is the person in charge of this Work and is on vacation for
El miércoles, 4 de abril de 2018, 4:10:16 (UTC+2), Matt Palmer escribió:
> On Tue, Apr 03, 2018 at 05:19:32AM -0700, ramirommunoz--- via
> dev-security-policy wrote:
> > Completely agree with you about that a new root by itself do not solve the
> > problem.
>
> T
El martes, 3 de abril de 2018, 23:48:32 (UTC+2), okaphone.e...@gmail.com
escribió:
> On Tuesday, 3 April 2018 14:19:43 UTC+2, ramiro...@gmail.com wrote:
> > El martes, 3 de abril de 2018, 11:58:49 (UTC+2), okaphone.e...@gmail.com
> > escribió:
> > > On Monday, 2 April 2018 19:22:02 UTC+2,
El martes, 3 de abril de 2018, 11:58:49 (UTC+2), okaphone.e...@gmail.com
escribió:
> On Monday, 2 April 2018 19:22:02 UTC+2, ramiro...@gmail.com wrote:
> > El lunes, 2 de abril de 2018, 3:53:08 (UTC+2), Tom Prince escribió:
> > > On Sunday, April 1, 2018 at 4:16:47 AM UTC-6,
El lunes, 2 de abril de 2018, 3:53:08 (UTC+2), Tom Prince escribió:
> On Sunday, April 1, 2018 at 4:16:47 AM UTC-6, ramiro...@gmail.com wrote:
> > I fully understand the proposed solution about 2018 roots but as I
> > previously said some concerns arise, [...]
>
>
> That is unfortunate for
El domingo, 1 de abril de 2018, 16:29:08 (UTC+2), westm...@gmail.com escribió:
> Hi, Ramiro.
> But how will the problems persecuting your CA disappear, even if the root is
> sterile.
>
> Andrew
Thank you Andrew for your comment.
We have already solve the problems located in this bug, and
El viernes, 30 de marzo de 2018, 17:06:35 (UTC+2), Wayne Thayer escribió:
> On Wed, Mar 28, 2018 at 3:45 AM, ramirommunoz--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> >
> > On Tuesday, March 27, 2018 at 10:37:07 PM UTC+2, Wayne Th
On Wednesday, March 28, 2018 at 7:34:25 AM UTC+2, Adrian R. wrote:
> Hello
> can you please sign the PDF files on that site?
>
> the very first page of CPS_eidas_EN_v_1_2_3.pdf says
> "Document valid only in digital format digitally signed by the Policy
> Authority"
>
> but the PDF that i was
On Tuesday, March 27, 2018 at 10:37:07 PM UTC+2, Wayne Thayer wrote:
> Hi Ramiro,
>
> On Fri, Mar 23, 2018 at 11:52 AM, ramirommunoz--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > Hi Ryan
> >
> > Thanks again for
On Friday, March 23, 2018 at 4:20:51 PM UTC+1, Ryan Sleevi wrote:
> On Fri, Mar 23, 2018 at 1:12 PM ramirommunoz--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > On Thursday, March 22, 2018 at 10:43:49 PM UTC+1, Ryan Sleevi wrote:
> >
On Thursday, March 22, 2018 at 10:43:49 PM UTC+1, Ryan Sleevi wrote:
> On Thu, Mar 22, 2018 at 6:26 PM ramirommunoz--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > Hi Ryan
> > Many thanks for your report. I will try to answer to your
Hi Ryan
Many thanks for your report. I will try to answer to your concerns about our
root inclusión.
> In attempt to discuss continued trust, I have attempted to summarize the
> patterns and issues of note, along with the timeline from reporting to
> remediation. It is my goal that this will
Hi Wayne
Here my answers to the ==Meh== questions.
1 * Camerfirma has had a number of recent compliance issues as listed below:
Resolved:
* Non-BR-compliant OCSP responders:
> * I am unable to locate a BR audit for the GCSR2016, but the websites trust
> bit has been requested. I first thought that this root was not intended for
> serverAuth, but section 1.2.1.4 of the CPS indicates that there is an “AC
> CAMERFIRMA GLOBAL FOR WEBSITES” subordinate CA that chains to
Hi Wyne
here our answers to the ==Bad== issues we are working on the ==Meh== ones.
1 * The inclusion request references a much older CPS [3] that doesn't list the
2016 versions of these roots or comply with current policies. I only reviewed
the newer CPS [5], but this CPS (section 1.2.1)
El jueves, 17 de agosto de 2017, 12:26:05 (UTC+2), ramiro...@gmail.com
escribió:
> El martes, 15 de agosto de 2017, 15:13:04 (UTC+2), Gervase Markham escribió:
> > On 08/08/17 14:33, Alex Gaynor wrote:
> > > Following up on this thread, 8 days ago I emailed Camerfirma, I have not
> > > heard
El martes, 15 de agosto de 2017, 15:13:04 (UTC+2), Gervase Markham escribió:
> On 08/08/17 14:33, Alex Gaynor wrote:
> > Following up on this thread, 8 days ago I emailed Camerfirma, I have not
> > heard back from them, nor have they taken any action. What is the
> > appropriate next step here?
>
El jueves, 20 de julio de 2017, 16:49:15 (UTC+2), Gervase Markham escribió:
> On 19/07/17 14:53, Alex Gaynor wrote:
> > I'd like to report the following instance of miss-issuance:
>
> Thank you. Again, I have drawn this message to the attention of the CAs
> concerned (Government of Venezuela and
18 matches
Mail list logo
