The CA/Browser Forum’s Bylaws at Section 2.3(c) allow the Forum Chair
(currently me) to invite Interested Parties to participate in Working Group
meetings.
I hereby extend an invitation to Forum Interested Parties to participate in
person or remotely in the all-day Validation Working Group meet
On Wednesday, May 25, 2016 at 10:10:35 AM UTC+2, Ryan Sleevi wrote:
> On Tue, May 24, 2016 at 10:25 AM, wrote:
> > Here's my question -- what do Google and Microsoft do with such reports?
> > Do they investigate and then put a site on the "bad" list, eg, for
> > injecting malware? If not, then
On Tuesday, May 24, 2016 at 2:01:22 PM UTC+2, Ryan Sleevi wrote:
> On Friday, May 20, 2016 at 10:24:56 AM UTC-7, Andrew Ayer wrote:
> > In fact, Kathleen asked explicitly for what the answers "should be" in
> > addition to what they are, so my email was not unrelated. To be more
> > explicit, I thi
On Friday, May 20, 2016 at 6:22:21 PM UTC-7, Peter Bowen wrote:
> [ Disclaimer: This message is my personal view and does not
> necessarily represent that of my employer. ]
>
> On Fri, May 20, 2016 at 5:41 PM, [Kirk Hall] wrote:
> > Peter -- the reference to BR 9.6.8(8) is interesting, but is not
On Friday, May 20, 2016 at 5:29:43 PM UTC-7, Peter Bowen wrote:
> [ Disclaimer: This message is my personal view and does not
> necessarily represent that of my employer. ]
>
> On Fri, May 20, 2016 at 3:19 PM, wrote:
> > On Friday, May 20, 2016 at 12:22:07 PM UTC-7, Peter Bowen wrote:
> >>
> >>
On Friday, May 20, 2016 at 12:22:07 PM UTC-7, Peter Bowen wrote:
> [ Disclaimer: This message is my personal view and does not
> necessarily represent that of my employer. ]
>
> On Thu, May 19, 2016 at 9:15 AM, [Kirk Hall] wrote:
> > This has been a very surprising discussion to me. If most CAs
On Friday, May 20, 2016 at 2:09:42 AM UTC-7, Ben Laurie wrote:
> > 4.9.3. Procedure for Revocation Request
> >
> >"*** The CA SHALL provide Subscribers, Relying Parties, Application
> > Software Suppliers, and other third parties with clear instructions for
> > reporting suspected Private Ke
On Thursday, May 19, 2016 at 5:21:05 PM UTC-7, Peter Bowen wrote:
> I think you misinterpreted the responses, at least if that is the take
> away you have. Kathleen asked specific questions and I think the
> responses were to those specific questions. The question "MUST CAs
> investigate and re
Matt, that's a bit harsh, and you are all over the map. I was only responding
to Kathleen's questions, which asked what do the current BRs require CAs to do
when they receive reports of SSL certificates issued to malware injection
sites. I was not proposing any new rules or any new interpretat
Andrew - As I outlined in my message above, the BRs cover two distinct
situations: (1) when must CAs revoke certs that have already been issued for
“Certificate misuse, or other types of fraud, compromise, misuse, or
inappropriate conduct related to Certificates,” and (2) when CAs must refuse to
On Tuesday, February 23, 2016 at 10:58:19 AM UTC-8, Gervase Markham wrote:
> Mozilla and other browsers have been approached by Worldpay, a large
> payment processor, via Symantec, their CA. They have been transitioning
> to SHA-2 but due to an oversight have failed to do so in time for a
> portion
On Tuesday, February 23, 2016 at 10:58:19 AM UTC-8, Gervase Markham wrote:
> Mozilla and other browsers have been approached by Worldpay, a large
> payment processor, via Symantec, their CA. They have been transitioning
> to SHA-2 but due to an oversight have failed to do so in time for a
> portion
12 matches
Mail list logo
