While I sincerely appreciate the efforts of Chunghwa Telecom to respond to
questions and to remediate some of the issues that were identified here,
this discussion ha made it clear that this request should be denied. There
is a significant degree of misissuance associated with this root, some of
Wayne Thayer於 2018年7月14日星期六 UTC+8上午1時16分58秒寫道:
> > In effect, this is saying that CAs should be permitted to break
> well-defined rules when they find them inconvenient. This is the second
> example in which Chunghwa Telecom has argued that it's okay to do this
> (along with the Taiwan
On Sat, Jul 14, 2018 at 2:16 AM Wayne Thayer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Fri, Jul 13, 2018 at 3:03 AM lcchen.cissp--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > Dear Wayne,
> >
> >Those programs for checking
On Fri, Jul 13, 2018 at 3:03 AM lcchen.cissp--- via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> Dear Wayne,
>
>Those programs for checking field of ToBeSign SSL certificate are
> online on June 22.
>
>We suggest that CA "in principle" must comply with the string
On 2018-07-13 12:02, lcchen.ci...@gmail.com wrote:
We suggest that CA "in principle" must comply with the string length limit
of RFC 5280 for organizationalUnitName or organizationName filed in Subject of a
certificate. But if it is necessary after verification to express an organization’s
Dear Wayne,
Those programs for checking field of ToBeSign SSL certificate are online on
June 22.
We suggest that CA "in principle" must comply with the string length limit
of RFC 5280 for organizationalUnitName or organizationName filed in Subject of
a certificate. But if it is
The specific CP/CPS concerns that I identified have been addressed in the
latest version of these documents (attached to bug #1341604).
Some of the misissuances [1] have been addressed - in particular, the 10
"dedicated server application software certificates" have been revoked and
replaced with
lcchen...@gmail.com於 2018年6月5日星期二 UTC+8下午5時22分40秒寫道:
> Wayne Thayer於 2018年5月19日星期六 UTC+8上午8時13分15秒寫道:
> > This request is for inclusion of the Chunghwa Telecom eCA as documented in
> > the following bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1341604
>
>
>
>
> > ==Bad==
> > * A large
Dear Wayne,
The previous email has some typos, corrected as follows.
1. When I was back to my office after the travlelling from England and disussed
with my colleauges, I mailed the situation and the plan to Wayne and Kathleen
on June 15.
> When I was back to my office after the
Dear Wayne,
Our two customers requested to use original CSR to issue two shorter
validity SSL certificates. By the re-issuance function of a program, to insert
original applications data, our SSL RA Officers checked the addresses but they
forgot to add L in Subject DN. So there are two SSL
lcchen...@gmail.com於 2018年6月5日星期二 UTC+8下午6時25分00秒寫道:
> lcchen...@gmail.com於 2018年6月5日星期二 UTC+8下午5時22分40秒寫道:
>
> >
> > 1. We plan to modify the format of this type of certificate. The new
> > certificate format will contain an EKU that excludes anyPolicy,
> > emailProtection and serverAuth;
lcchen...@gmail.com於 2018年6月5日星期二 UTC+8下午5時22分40秒寫道:
>
> 1. We plan to modify the format of this type of certificate. The new
> certificate format will contain an EKU that excludes anyPolicy,
> emailProtection and serverAuth; besides, there will be no SubjectAltName
> anymore. In other words,
Wayne Thayer於 2018年5月19日星期六 UTC+8上午8時13分15秒寫道:
> This request is for inclusion of the Chunghwa Telecom eCA as documented in
> the following bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1341604
> ==Bad==
> * A large number of certificates have been misissued from the “Public
>
Wayne Thayer於 2018年5月19日星期六 UTC+8上午8時13分15秒寫道:
> This request is for inclusion of the Chunghwa Telecom eCA as documented in
> the following bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1341604
> I’ve reviewed the CPS, BR Self Assessment, and related information for the
> Chunghwa Telecom
This request is for inclusion of the Chunghwa Telecom eCA as documented in
the following bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1341604
* BR Self Assessment is here:
https://bugzilla.mozilla.org/attachment.cgi?id=8963172
* Summary of Information Gathered and Verified:
15 matches
Mail list logo