subject:"FW\: Bit encoding \(AW\: Policy 2.6 Proposal\: Add prohibition on CA key generation to policy\)"

Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

2018-05-14 Thread Wayne Thayer via dev-security-policy

On Mon, May 14, 2018 at 11:29 AM Bruce via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On Wednesday, May 9, 2018 at 11:42:56 PM UTC-4, Wayne Thayer wrote: > > I think we have settled on the following resolution to this issue: > > > > Add the following to section 5.2

Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

2018-05-14 Thread Bruce via dev-security-policy

On Wednesday, May 9, 2018 at 11:42:56 PM UTC-4, Wayne Thayer wrote: > I think we have settled on the following resolution to this issue: > > Add the following to section 5.2 (Forbidden and Required Practices): > > CAs MUST NOT generate the key pairs for end-entity certificates that have > > an

Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

2018-05-11 Thread Wayne Thayer via dev-security-policy

ev-security-pol...@lists.mozilla.org> > *Subject:* Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition > on CA key generation to policy) > > > > > > I think we have settled on the following resolution to this issue: > > > > Add the following to secti

RE: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

2018-05-10 Thread Doug Beattie via dev-security-policy

<doug.beat...@globalsign.com> Cc: mozilla-dev-security-policy <mozilla-dev-security-pol...@lists.mozilla.org> Subject: Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy) I think we have settled on the following resolution to this issue: Add t

Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

2018-05-09 Thread Wayne Thayer via dev-security-policy

I think we have settled on the following resolution to this issue: Add the following to section 5.2 (Forbidden and Required Practices): CAs MUST NOT generate the key pairs for end-entity certificates that have > an EKU extension containing the KeyPurposeIds id-kp-serverAuth or >

FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

2018-05-09 Thread Doug Beattie via dev-security-policy

>From: Wayne Thayer [mailto:wtha...@mozilla.com] >Sent: Monday, May 7, 2018 8:43 PM >To: Doug Beattie >Cc: Ryan Hurst ; mozilla-dev-security-policy >pol...@lists.mozilla.org> >Subject: Re: Bit encoding (AW: Policy 2.6 Proposal: Add

Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

RE: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

Re: FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

FW: Bit encoding (AW: Policy 2.6 Proposal: Add prohibition on CA key generation to policy)

6 matches

Site Navigation

Mail list logo

Footer information