Thanks to all of you who reviewed and commented on this request from
CFCA to include the “CFCA EV ROOT” root certificate, turn on the
websites trust bit, and enable EV treatment.
I am closing this discussion, and I will recommend approval in the bug.
https://bugzilla.mozilla.org/show_bug.cgi?i
On 1/20/15 12:25 PM, Kathleen Wilson wrote:
On 1/7/15 1:23 PM, Kathleen Wilson wrote:
China Financial Certification Authority (CFCA) has applied to include
the “CFCA EV ROOT” root certificate, turn on the websites trust bit, and
enable EV treatment.
The first discussion resulted in CA action it
在 2015年1月23日星期五 UTC+8上午12:20:38,Erwann Abalea写道:
> Le mercredi 7 janvier 2015 22:25:00 UTC+1, Kathleen Wilson a écrit :
> > China Financial Certification Authority (CFCA) has applied to include
> > the "CFCA EV ROOT" root certificate, turn on the websites trust bit, and
> > enable EV treatment.
>
Le mercredi 7 janvier 2015 22:25:00 UTC+1, Kathleen Wilson a écrit :
> China Financial Certification Authority (CFCA) has applied to include
> the "CFCA EV ROOT" root certificate, turn on the websites trust bit, and
> enable EV treatment.
[...]
> * Root Cert: https://bugzilla.mozilla.org/attachme
On 1/7/15 1:23 PM, Kathleen Wilson wrote:
China Financial Certification Authority (CFCA) has applied to include
the “CFCA EV ROOT” root certificate, turn on the websites trust bit, and
enable EV treatment.
The first discussion resulted in CA action items, which have been
completed.
https://group
I'm CFCA's representative Zhao GaiXia and this is the officially respond
account(using google groups).
Thanks for your reply!
CFCA do not have limits relate to TLDs in SSL certificates, as is listed above
http://www.cfca.com.cn/file/CFCA-1403-CPS-en.rar
"
** CPS section 3.2.2.4: Applications f
This question is somewhat unrelated to the inclusion of CFCA in the root
program, but I'm interested to know the answer:
Based on some survey data I've gotten from the University of Michigan, it
appears that the CFCA root(s) have been used only within a limited scope
(TLDs in issued EE certificate
China Financial Certification Authority (CFCA) has applied to include
the “CFCA EV ROOT” root certificate, turn on the websites trust bit, and
enable EV treatment.
The first discussion resulted in CA action items, which have been completed.
https://groups.google.com/d/msg/mozilla.dev.security.p
On 9/2/14, 4:29 PM, Kathleen Wilson wrote:
I propose to close this discussion with the following action items:
I will take the lack of response to mean that everyone is OK with this
proposal.
However, as mentioned in a different discussion thread, the wiki page
has been updated. So I will up
On 6/19/14, 4:20 PM, Kathleen Wilson wrote:
This begins the discussion of the request from CFCA to include the “CFCA
GT CA” and “CFCA EV ROOT” root certificates, turn on all three trust
bits for the “CFCA GT CA” root certificate, turn on the websites trust
bit for the “CFCA EV ROOT” root certific
-security-pol...@lists.mozilla.org
Subject: Re: CFCA Root Inclusion Request
On Tue, August 5, 2014 10:26 am, Kathleen Wilson wrote:
> On 7/29/14, 2:00 PM, Kathleen Wilson wrote:
> > All,
> >
> > Thank you to those of you who have reviewed and commented on this
> > inclusio
On Tue, August 5, 2014 10:26 am, Kathleen Wilson wrote:
> On 7/29/14, 2:00 PM, Kathleen Wilson wrote:
> > All,
> >
> > Thank you to those of you who have reviewed and commented on this
> > inclusion request from CFCA. I will appreciate your opinions in response
> > to my questions below regarding
On 7/29/14, 2:00 PM, Kathleen Wilson wrote:
All,
Thank you to those of you who have reviewed and commented on this
inclusion request from CFCA. I will appreciate your opinions in response
to my questions below regarding how to move forward with this request.
Note that the “CFCA GT CA” root was
All,
Thank you to those of you who have reviewed and commented on this
inclusion request from CFCA. I will appreciate your opinions in response
to my questions below regarding how to move forward with this request.
Note that the “CFCA GT CA” root was included in Microsoft’s program in
Decemb
This is our reply for GT system
For GT:
1, No SAN
Status:
No problem/Fixed
This problem is found and fixed in pre-audit stage, but the test certificate is
an old one, now is been revoked.
As is mentioned in last reply, a Point in Time Pre-Issuance Readiness audit in
this April. Since this i
Thank you all for your replies.
We tested and verified many problems mentioned by Erwann
In conclusion the problems mentioned by Erwann are:
1,No SAN in certificate
2,MIME type of AIA URI and CRLDP is test/plain
3,OCSP signer certificate's public key, valid period and extension.
4,root key generat
On 24/06/14 18:17, Ryan Sleevi wrote:
> On a matter of process/procedure,
>
> When these sorts of egregious failures are noted - failures to conform to
> the required profiles or implement the specifications properly, what steps
> are taken to ensure the program operates correctly going forward?
I'm CFCA's representative Zhao GaiXia and this is the officially respond
account(using google doc).
Thanks for reviewing our request.
We will review and verify the points you mentioned and will reply soon.
Zhao Gaixia
Company Email:
gxz...@cfca.com.cn
_
On Tue, Jun 24, 2014 at 10:55:14AM -0700, Ryan Sleevi wrote:
> On Tue, June 24, 2014 10:39 am, Kurt Roeckx wrote:
> >
> > Should we mandate that the audit should also audit the procedures?
> >
> > In my opinion the audit should:
> > - Check that the CPS complies with all the requirements
> > -
lla.org
Subject: Re: CFCA Root Inclusion Request
On Tue, June 24, 2014 10:39 am, Kurt Roeckx wrote:
>
> Should we mandate that the audit should also audit the procedures?
>
> In my opinion the audit should:
> - Check that the CPS complies with all the requirements
> - Che
On Tue, June 24, 2014 10:39 am, Kurt Roeckx wrote:
>
> Should we mandate that the audit should also audit the procedures?
>
> In my opinion the audit should:
> - Check that the CPS complies with all the requirements
> - Check that the CPS is being followed.
Well, "Check that the CPS is being f
On Tue, Jun 24, 2014 at 10:17:17AM -0700, Ryan Sleevi wrote:
>
> However, if they address the problems that Erwann has specifically
> identified, does that reasonably give the community confidence that the
> audit - which failed to identify these - is competent and qualified? Is a
> new audit requ
On Tue, June 24, 2014 3:33 am, Erwann Abalea wrote:
> Le vendredi 20 juin 2014 01:20:56 UTC+2, Kathleen Wilson a écrit :
> > China Financial Certification Authority (CFCA) has applied to include
> > the "CFCA GT CA" and "CFCA EV ROOT" root certificates, turn on all three
> > trust bits for the "CF
Le vendredi 20 juin 2014 01:20:56 UTC+2, Kathleen Wilson a écrit :
> China Financial Certification Authority (CFCA) has applied to include
> the "CFCA GT CA" and "CFCA EV ROOT" root certificates, turn on all three
> trust bits for the "CFCA GT CA" root certificate, turn on the websites
> trust b
China Financial Certification Authority (CFCA) has applied to include
the “CFCA GT CA” and “CFCA EV ROOT” root certificates, turn on all three
trust bits for the “CFCA GT CA” root certificate, turn on the websites
trust bit for the “CFCA EV ROOT” root certificate, and enable EV
treatment for th
25 matches
Mail list logo
