Re: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-04 Thread Nick Lamb via dev-security-policy
On Tuesday, 4 July 2017 10:50:43 UTC+1, Jeremy Rowley wrote:
> I'm an idiot. The discussion wasn't meant to be a red herring. Just a momentary lapse in intelligence...
>
> It really looks like this from a validation perspective, right? EE -> Self-signed -> Issuing CA (as it has the same

RE: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-04 Thread Jeremy Rowley via dev-security-policy
for non-compliance. > > -Original Message- > From: Rob Stradling [mailto:rob.stradl...@comodo.com] > Sent: Monday, July 3, 2017 2:14 PM > To: Jeremy Rowley <jeremy.row...@digicert.com>; > mozilla-dev-security-pol...@lists.mozilla.org > Subject: Re: DigiCert pol

RE: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-04 Thread Jeremy Rowley via dev-security-policy
zilla.org Subject: Re: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886
On Tuesday, 4 July 2017 02:37:36 UTC+1, Jeremy Rowley wrote:
> [JR] Well yeah - but this one is self-signed and self-issued, so how does it chain? This seems to be a source of confusion for

Re: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-04 Thread Rob Stradling via dev-security-policy
From: Rob Stradling [mailto:rob.stradl...@comodo.com] Sent: Monday, July 3, 2017 2:14 PM To: Jeremy Rowley <jeremy.row...@digicert.com>; mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886 On 03/07/17 16:10, Jeremy Rowl

RE: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-03 Thread Jeremy Rowley via dev-security-policy
Thanks Nick. I'm missing something on this, so I appreciate the help so far. I replied to each section. Perhaps you have confused transitivity with commutativity or one of the other simple properties. Transitivity is the property whereby if F(A,B) and F(B,C) then F(A,C), for example the "greater

Re: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-03 Thread Nick Lamb via dev-security-policy
On Monday, 3 July 2017 23:05:53 UTC+1, Jeremy Rowley wrote:
> And it's hardly fair to deride my lack of understanding on what transitive trust entails in the digital certificate space considering it's outside of the usual trust paths, not defined in the standard RFCs, and not the same as

RE: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-03 Thread Ben Wilson via dev-security-policy
-policy Sent: Monday, July 3, 2017 4:05 PM To: Nick Lamb <tialara...@gmail.com>; mozilla-dev-security-pol...@lists.mozilla.org Subject: RE: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886 "Previously accepted without comment" is hardly accurate. There's

RE: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-03 Thread Jeremy Rowley via dev-security-policy
ert policy violation - non-disclosure of https://crt.sh/?id=160110886 On Monday, 3 July 2017 22:00:00 UTC+1, Jeremy Rowley wrote: > Link please to a formal definition? As your email alleges a policy violation by one a cross-signed CAs, we take the investigation and response very seriously. I'd

Re: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-03 Thread Nick Lamb via dev-security-policy
On Monday, 3 July 2017 22:00:00 UTC+1, Jeremy Rowley wrote:
> Link please to a formal definition? As your email alleges a policy violation by one a cross-signed CAs, we take the investigation and response very seriously. I'd like to know the basis for the definition before formulating an

RE: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-03 Thread Jeremy Rowley via dev-security-policy
-compliance. -Original Message- From: Rob Stradling [mailto:rob.stradl...@comodo.com] Sent: Monday, July 3, 2017 2:14 PM To: Jeremy Rowley <jeremy.row...@digicert.com>; mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: DigiCert policy violation - non-disclosure of https://crt.

Re: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-03 Thread Rob Stradling via dev-security-policy
On 03/07/17 16:10, Jeremy Rowley via dev-security-policy wrote: I am surprised you decided to fork the thread from here https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/sNDN6q26_uM where this was already being discussed. Seems unnecessary. Hi Jeremy. That thread discusses

RE: DigiCert policy violation - non-disclosure of https://crt.sh/?id=160110886

2017-07-03 Thread Jeremy Rowley via dev-security-policy
I am surprised you decided to fork the thread from here https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/sNDN6q26_uM where this was already being discussed. Seems unnecessary. I don't agree this is a policy violation, and I doubt any CA not involved in the previously