Re: AC Camerfirma's CP & CPS disclosure

2018-10-31 Thread Wayne Thayer via dev-security-policy
.com or through the website > http://webcrm.camerfirma.com/incidencias/incidencias.php > > > -Mensaje original- > De: dev-security-policy > [mailto:dev-security-policy-boun...@lists.mozilla.org] En nombre de Wayne > Thayer via dev-security-policy > Enviado el: jueves, 27 de septiem

RE: AC Camerfirma's CP & CPS disclosure

2018-09-27 Thread Ramiro Muñoz via dev-security-policy
Wayne Thayer via dev-security-policy Enviado el: jueves, 27 de septiembre de 2018 0:38 Para: Ramiro Muñoz Muñoz CC: mozilla-dev-security-policy Asunto: Re: AC Camerfirma's CP & CPS disclosure Hello Ramiro, On Tue, Sep 4, 2018 at 3:13 PM Wayne Thayer wrote: > Thank you for this respon

Re: AC Camerfirma's CP & CPS disclosure

2018-09-26 Thread Wayne Thayer via dev-security-policy
Hello Ramiro, On Tue, Sep 4, 2018 at 3:13 PM Wayne Thayer wrote: > Thank you for this response Ramiro. I have copied this to the bug [1] and > have described Mozilla's expectations for point-in-time audits that confirm > that these issues have been resolved. > > [1] https://bugzilla.mozilla.org/

Re: AC Camerfirma's CP & CPS disclosure

2018-09-04 Thread Wayne Thayer via dev-security-policy
Thank you for this response Ramiro. I have copied this to the bug [1] and have described Mozilla's expectations for point-in-time audits that confirm that these issues have been resolved. [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1478933 On Tue, Sep 4, 2018 at 5:47 AM ramirommunoz--- via d

Re: AC Camerfirma's CP & CPS disclosure

2018-09-04 Thread ramirommunoz--- via dev-security-policy
Hi Wayne here you are a response to the qualified audits. As you remarks we have include links to the previously reported bugs. We will keep you informed about the remediation process plan. Sorry for the delay as you know Juan Angel is the person in charge of this Work and is on vacation for so

Re: AC Camerfirma's CP & CPS disclosure

2018-08-29 Thread Wayne Thayer via dev-security-policy
Hello Juan, Was this message intended to be a response to the discussion of Camerfirma's qualified audits in https://bugzilla.mozilla.org/show_bug.cgi?id=1478933 ? I am awaiting a full response to comment #7 in which I requested a full remediation plan for the issues identified by these audits. -

AC Camerfirma's CP & CPS disclosure

2018-08-29 Thread Juan Angel Martin via dev-security-policy
1. We've been required by our auditors in their WebTrust Principles and Criteria for Certification Authorities v2.0 & Extended Validation SSL v1.6 Qualified Audits Reports of a series of changes that we must make in our CP & CPS W4CA https://bugzilla.mozilla.org/attachment.cgi?id=8995928 WEV htt