On 08/08/17 20:02, Jeremy Rowley wrote:
> +1. CAs should be required to support certificate problem reports
> sent through a specified email address. It simplifies the process a
> lot if CAs use at least one common mechanism.
https://github.com/mozilla/pkipolicy/issues/98
Gerv
+1. CAs should be required to support certificate problem reports sent through
a specified email address. It simplifies the process a lot if CAs use at least
one common mechanism.
> On Aug 8, 2017, at 12:22 PM, Jonathan Rudenberg via dev-security-policy
>
, 2017 10:37 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: CA Problem Reporting Mechanisms
On 8/7/2017 8:09 PM, Jonathan Rudenberg wrote:
>
>> On May 17, 2017, at 07:24, Gervase Markham via dev-security-policy
>> <dev-security-policy@lists.mozilla.org> wrote:
> On Aug 8, 2017, at 10:36, David E. Ross via dev-security-policy
> wrote:
>
> On 8/7/2017 8:09 PM, Jonathan Rudenberg wrote:
>>
>>> On May 17, 2017, at 07:24, Gervase Markham via dev-security-policy
>>> wrote:
On 8/7/2017 8:09 PM, Jonathan Rudenberg wrote:
>
>> On May 17, 2017, at 07:24, Gervase Markham via dev-security-policy
>> wrote:
>>
>> On 16/05/17 02:26, userwithuid wrote:
>>> After skimming the responses and checking a few CAs, I'm starting to
>>>
> On May 17, 2017, at 07:24, Gervase Markham via dev-security-policy
> wrote:
>
> On 16/05/17 02:26, userwithuid wrote:
>> After skimming the responses and checking a few CAs, I'm starting to
>> wonder: Wouldn't it be easier to just add another mandatory
On Wednesday, May 17, 2017 at 11:24:54 AM UTC, Gervase Markham wrote:
> Well, such contacts are normally per CA rather than per root. I guess we
> could add it on the CA's entry.
Tbh, I'm not really familiar with your salesforce setup, I was just using this
as a stand-in for "place where CA can
On 16/05/17 02:26, userwithuid wrote:
> After skimming the responses and checking a few CAs, I'm starting to
> wonder: Wouldn't it be easier to just add another mandatory field to
> the CCADB (e..g. "revocation contact"), requiring $URL or $EMAIL via
> policy and just use that to provide a public
After skimming the responses and checking a few CAs, I'm starting to wonder:
Wouldn't it be easier to just add another mandatory field to the CCADB (e.g.
"revocation contact"), requiring $URL or $EMAIL via policy and just use that to
provide a public list?
It seems to me that most revocation
9 matches
Mail list logo