RE: DigiCert .onion certificates without Tor Service Descriptor Hash extension

2018-03-22 Thread Jeremy Rowley via dev-security-policy
: DigiCert .onion certificates without Tor Service Descriptor Hash extension On 21 Mar 2018 17:58, Wayne Thayer via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: 7. List of steps your CA is taking to resolve the situation and ensure such issuance will not be repea

Re: DigiCert .onion certificates without Tor Service Descriptor Hash extension

2018-03-22 Thread Nick Lamb via dev-security-policy
On 21 Mar 2018 17:58, Wayne Thayer via dev-security-policy wrote: 7. List of steps your CA is taking to resolve the situation and ensure such issuance will not be repeated in the future, accompanied with a timeline of when your CA expects to accomplish these things. We revoked the certificat

Re: DigiCert .onion certificates without Tor Service Descriptor Hash extension

2018-03-21 Thread Wayne Thayer via dev-security-policy
g gain by including it, but I > doubt there's strong incentives to change the guidelines right now. We'll > modify to include it. > > -Original Message- > From: Alex Cohn > Sent: Monday, March 12, 2018 6:55 PM > To: Jeremy Rowley > Cc: mozilla-dev-security-po

RE: DigiCert .onion certificates without Tor Service Descriptor Hash extension

2018-03-19 Thread Jeremy Rowley via dev-security-policy
're working on putting those technical controls in place. > > Jeremy > > -Original Message- > From: dev-security-policy > org> On Behalf Of Alex Cohn via dev-security-policy > Sent: Sunday, March 11, 2018 9:37 PM > To: dev-security-policy@lists.mozilla.org > Subject:

Re: DigiCert .onion certificates without Tor Service Descriptor Hash extension

2018-03-12 Thread Alex Cohn via dev-security-policy
remy > > -Original Message- > From: dev-security-policy > > On Behalf Of Alex Cohn via dev-security-policy > Sent: Sunday, March 11, 2018 9:37 PM > To: dev-security-policy@lists.mozilla.org > Subject: DigiCert .onion certificates without Tor Service Descriptor Has

RE: DigiCert .onion certificates without Tor Service Descriptor Hash extension

2018-03-12 Thread Jeremy Rowley via dev-security-policy
dev-security-policy@lists.mozilla.org Subject: DigiCert .onion certificates without Tor Service Descriptor Hash extension In the EV Guidelines [1], Appendix F states "The CA MUST include the CAB Forum Tor Service Descriptor Hash extension in the TBSCertificate convey hashes of keys related to .onion addr

DigiCert .onion certificates without Tor Service Descriptor Hash extension

2018-03-11 Thread Alex Cohn via dev-security-policy
In the EV Guidelines [1], Appendix F states "The CA MUST include the CAB Forum Tor Service Descriptor Hash extension in the TBSCertificate convey hashes of keys related to .onion addresses." This language was added in Ballot 201 [2], which had an effective date of 8 July 2017. The following certif