Dear Inigo,
On 14/09/17 09:49, Gervase Markham wrote:
> The Mozilla CA Certificates team has been considering what the
> appropriate next steps are for the inclusion request from the CA
> "StartCom".[0] As readers will know, this CA has previously been removed
> from trust[1], and so a re-applicat
On Monday, September 18, 2017 at 11:38:57 AM UTC+1, Inigo Barreira wrote:
> >
> > I want to give you some words from one of the "community side" (this is a
> > personal opinion and may vary from other opinions inside the community).
> >
> > Trust is not something that you get, it is something tha
>
> I want to give you some words from one of the "community side" (this is a
> personal opinion and may vary from other opinions inside the community).
>
> Trust is not something that you get, it is something that you earn.
True
> StartCom was distrusted because of serious issues with their ol
I want to give you some words from one of the "community side" (this is a
personal opinion and may vary from other opinions inside the community).
Trust is not something that you get, it is something that you earn.
StartCom was distrusted because of serious issues with their old PKI and now
ha
> > Yes, you´re right, that was on the table and also suggested by
> > Mozilla, but the issue was that people from 360 are used to code in
> > PHP and the old one was in Java and some other for which they are not
> > so familiar and then was decided to re-write all the code in PHP
> > trying to kee
On 15/09/17 08:53, Inigo Barreira wrote:
> Yes, you´re right, that was on the table and also suggested by Mozilla, but
> the issue was that people from 360 are used to code in PHP and the old one
> was in Java and some other for which they are not so familiar and then was
> decided to re-write all
tartcomca@lists.mozilla.org] On Behalf Of Percy via
dev-
> security-policy
> Sent: jueves, 14 de septiembre de 2017 22:13
> To: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: Re: StartCom inclusion request: next steps
>
> "Conclusion: StartCom's attempt to
"Conclusion: StartCom's attempt to restart the CA was rushed."
"It was a very hard task in very few time but the people at 360 tried
everything to get it done by that date, end of december 2016, and yes, we
reached the date but with many failures"
May I ask why StartCom choose to rush everythin
> On Sep 14, 2017, at 04:49, Gervase Markham via dev-security-policy
> wrote:
>
> We should add the existing Certnomis cross-signs to OneCRL to revoke
> all the existing certificates. As of 10th August (now a month ago)
> StartCom said they have 5 outstanding SSL certs which are valid due
>
9 matches
Mail list logo