On Tue, Mar 13, 2018 at 11:26 AM, Kai Engert wrote:
> On 13.03.2018 15:59, Peter Bowen wrote:
> >>
> >> Which companies, other than Apple and Google, benefit from DigiCert
> >> running the Manager Partner Infrastructure and from DigiCert being part
> >> of the exclusion list?
> >
> > An unlimited
As I didn't write the blog post, I certainly can't speak to the
intent
The intent of the blog post was to let folks know about an error they
may encounter when Firefox 60 goes into Beta. And to have a place to
point folks to if they run into the error and ask about it.
It was *not* our in
On Tue, Mar 13, 2018 at 11:50 AM, Ryan Sleevi wrote:
>
>
> On Tue, Mar 13, 2018 at 11:26 AM, Kai Engert wrote:
>
>> On 13.03.2018 15:59, Peter Bowen wrote:
>> >>
>> >> Which companies, other than Apple and Google, benefit from DigiCert
>> >> running the Manager Partner Infrastructure and from Di
On 13.03.2018 15:59, Peter Bowen wrote:
>>
>> Which companies, other than Apple and Google, benefit from DigiCert
>> running the Manager Partner Infrastructure and from DigiCert being part
>> of the exclusion list?
>
> An unlimited set. Any company who purchases a certificate from
> DigiCert that
On Tue, Mar 13, 2018 at 10:52 AM, Peter Bowen wrote:
> On Tue, Mar 13, 2018 at 7:19 AM, Kai Engert via dev-security-policy
> wrote:
> > On 13.03.2018 14:59, Ryan Sleevi wrote:
> >> the blog post says, the subCAs controlled by Apple and Google are
> the
> >> ONLY exceptions.
> >>
> >>
On Tue, Mar 13, 2018 at 7:55 AM, Kai Engert via dev-security-policy
wrote:
> On 13.03.2018 15:35, Ryan Sleevi via dev-security-policy wrote:
>>
>>> Are the DigiCert transition CAs, which are part of the exclusion list,
>>> and which you say are used for "Managed Partner Infrastructure",
>>> strict
On Tue, Mar 13, 2018 at 10:55 AM, Kai Engert wrote:
> On 13.03.2018 15:35, Ryan Sleevi via dev-security-policy wrote:
> >
> >> Are the DigiCert transition CAs, which are part of the exclusion list,
> >> and which you say are used for "Managed Partner Infrastructure",
> >> strictly limited to supp
On 13.03.2018 15:35, Ryan Sleevi via dev-security-policy wrote:
>
>> Are the DigiCert transition CAs, which are part of the exclusion list,
>> and which you say are used for "Managed Partner Infrastructure",
>> strictly limited to support the needs of the Apple and Google companies?
>
>
> No.
I
On Tue, Mar 13, 2018 at 7:19 AM, Kai Engert via dev-security-policy
wrote:
> On 13.03.2018 14:59, Ryan Sleevi wrote:
>> the blog post says, the subCAs controlled by Apple and Google are the
>> ONLY exceptions.
>>
>> However, the Mozilla Firefox code also treats certain DigiCert subCAs
On Tue, Mar 13, 2018 at 10:19 AM, Kai Engert via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On 13.03.2018 14:59, Ryan Sleevi wrote:
> > the blog post says, the subCAs controlled by Apple and Google are the
> > ONLY exceptions.
> >
> > However, the Mozilla Fir
On 13.03.2018 14:59, Ryan Sleevi wrote:
> the blog post says, the subCAs controlled by Apple and Google are the
> ONLY exceptions.
>
> However, the Mozilla Firefox code also treats certain DigiCert subCAs as
> exceptions.
>
> Based on Ryan Sleevi's recent comments on this list
On Tue, Mar 13, 2018 at 8:36 AM, Kai Engert via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On 12.03.2018 22:19, Kathleen Wilson via dev-security-policy wrote:
> > Wayne and I have posted a Mozilla Security Blog regarding the current
> > plan for distrusting the Symantec
On 12.03.2018 22:19, Kathleen Wilson via dev-security-policy wrote:
> Wayne and I have posted a Mozilla Security Blog regarding the current
> plan for distrusting the Symantec TLS certs.
>
> https://blog.mozilla.org/security/2018/03/12/distrust-symantec-tls-certificates/
Hello Kathleen and Wayne,
Same question. Does this mean the key used to sign the digicert roots is
subject to the distrust without exception?
> On Mar 13, 2018, at 1:36 PM, Kai Engert via dev-security-policy
> wrote:
>
>> On 12.03.2018 22:19, Kathleen Wilson via dev-security-policy wrote:
>> Wayne and I have posted a M
On 12.03.2018 22:19, Kathleen Wilson via dev-security-policy wrote:
> Wayne and I have posted a Mozilla Security Blog regarding the current
> plan for distrusting the Symantec TLS certs.
>
> https://blog.mozilla.org/security/2018/03/12/distrust-symantec-tls-certificates/
Hello Kathleen and Wayne,
All,
Wayne and I have posted a Mozilla Security Blog regarding the current
plan for distrusting the Symantec TLS certs.
https://blog.mozilla.org/security/2018/03/12/distrust-symantec-tls-certificates/
Kathleen
___
dev-security-policy mailing list
d
16 matches
Mail list logo