On Tue, Apr 21, 2020 at 8:24 AM Wojtek Porczyk
wrote:
> This statement, snipped from above:
>
> > This is exactly the sort of case CCADB is supremely positioned to solve,
> > efficiently. In fact, all of these problems can be addressed by CCADB
> > improvements, providing programmatically
On Tue, Apr 21, 2020 at 01:23:49AM -0400, Ryan Sleevi via dev-security-policy
wrote:
> On Mon, Apr 20, 2020 at 10:04 PM Matt Palmer via dev-security-policy
> wrote:
> > 2. Make the cPSuri actually point to the relevant CPS
>
> That doesn’t really capture what a CPS is. There can be many
On Tue, Apr 21, 2020 at 1:48 AM Matt Palmer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> That ship sailed so very, very long ago, though.
No it hasn’t. These are much easier to remove than to add new dependencies.
We’re already seeing progress in addressing some of
On Tue, Apr 21, 2020 at 01:23:49AM -0400, Ryan Sleevi wrote:
> On Mon, Apr 20, 2020 at 10:04 PM Matt Palmer via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
> > 1. Make cPSuri mandatory
>
> We really don’t need to be stuffing everything into subscriber
> certificates,
On Mon, Apr 20, 2020 at 10:04 PM Matt Palmer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> A major difficulty I found in trying to report compromised keys to CAs was
> in finding a reporting address to use. Now, by itself, that could be
> solved
> by making CCADB
A major difficulty I found in trying to report compromised keys to CAs was
in finding a reporting address to use. Now, by itself, that could be solved
by making CCADB reporting addresses be authoritative, but that would also
require standardisation of reporting types, and it's a whole rabbit
6 matches
Mail list logo