Re: Proposal: Make readable CPSes easier to find

2020-04-21 Thread Ryan Sleevi via dev-security-policy
On Tue, Apr 21, 2020 at 8:24 AM Wojtek Porczyk wrote:
> This statement, snipped from above:
>
> > This is exactly the sort of case CCADB is supremely positioned to solve,
> > efficiently. In fact, all of these problems can be addressed by CCADB
> > improvements, providing programmatically

Re: Proposal: Make readable CPSes easier to find

2020-04-21 Thread Wojtek Porczyk via dev-security-policy
On Tue, Apr 21, 2020 at 01:23:49AM -0400, Ryan Sleevi via dev-security-policy wrote:
> On Mon, Apr 20, 2020 at 10:04 PM Matt Palmer via dev-security-policy wrote:
> > 2. Make the cPSuri actually point to the relevant CPS
>
> That doesn’t really capture what a CPS is. There can be many

Re: Proposal: Make readable CPSes easier to find

2020-04-21 Thread Ryan Sleevi via dev-security-policy
On Tue, Apr 21, 2020 at 1:48 AM Matt Palmer via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:
> That ship sailed so very, very long ago, though.

No it hasn’t. These are much easier to remove than to add new dependencies. We’re already seeing progress in addressing some of

Re: Proposal: Make readable CPSes easier to find

2020-04-20 Thread Matt Palmer via dev-security-policy
On Tue, Apr 21, 2020 at 01:23:49AM -0400, Ryan Sleevi wrote:
> On Mon, Apr 20, 2020 at 10:04 PM Matt Palmer via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:
> > 1. Make cPSuri mandatory
>
> We really don’t need to be stuffing everything into subscriber certificates,

Re: Proposal: Make readable CPSes easier to find

2020-04-20 Thread Ryan Sleevi via dev-security-policy
On Mon, Apr 20, 2020 at 10:04 PM Matt Palmer via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:
> A major difficulty I found in trying to report compromised keys to CAs was
> in finding a reporting address to use. Now, by itself, that could be solved
> by making CCADB

Proposal: Make readable CPSes easier to find

2020-04-20 Thread Matt Palmer via dev-security-policy
A major difficulty I found in trying to report compromised keys to CAs was in finding a reporting address to use. Now, by itself, that could be solved by making CCADB reporting addresses be authoritative, but that would also require standardisation of reporting types, and it's a whole rabbit