I inform you that Microsec activated the IVCP profiles today.
It is possible to issue IVCP certificates again.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
We organized the training for our Registration Officers regarding the proper
configuration of different TSL profiles today.
The IVCP profiles are planned to be reactivated tomorrow.
___
dev-security-policy mailing list
I inform you that as planned two days ago, Microsec today activated the new CA
software release in the live system.
The CA sofware has been improved to support more automatic checking for the
presence of SN fields for different certificate profiles.
As part of the project, Microsec has
I give you a brief status report on CA software development.
Microsec has already completed the development of CA software and introduced
additional automatic checks for the proper configuration of the SN fields in
case of different certificate types.
A number of internal tests have already
I have uploaded the Excel sheet to the following bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=1622539#c3
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
iginal Message-
From: Ryan Sleevi
Sent: Tuesday, March 31, 2020 11:57 PM
To: Sándor dr. Szőke
Cc: mozilla-dev-security-policy
Subject: Re: Microsec: Issuance of 2 IVCP precertificates without givenName,
surName, localityName fields
On Tue, Mar 31, 2020 at 4:46 PM Sándor dr. Szőke via
dev-se
On Tue, Mar 31, 2020 at 4:46 PM Sándor dr. Szőke via
dev-security-policy wrote:
>
>
> > - Microsec will review the CA software looking for possible similar
> > problems - deadline 2020-03-31
>
>
> Microsec has completed a detailed review of the automatic controls built into
> the CA software.
> - Microsec will review the CA software looking for possible similar problems
> - deadline 2020-03-31
Microsec has completed a detailed review of the automatic controls built into
the CA software. The review covered all SSL/TLS certificate types and focused
on the presence of required
>
> - Microsec will check all the issued IVCP certificates looking for similar
> issues - deadline 2020-03-20
>
Microsec has finished the detailed investigation on the issued TLS IVCP
certificates looking for similar issues. The findings are the following:
Microsec issued altogether 9 test
1. How your CA first became aware of the problem (e.g. via a problem report
submitted to your Problem Reporting Mechanism, a discussion in
mozilla.dev.security.policy, a Bugzilla bug, or internal self-audit), and the
time and date.
Microsec became aware of the problem from the new discussion at
10 matches
Mail list logo
