On Fri, Feb 7, 2020 at 7:55 AM douglas.beattie--- via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Thursday, February 6, 2020 at 6:05:20 PM UTC-5, Ryan Sleevi wrote:
> > (Replying from the correct e-mail)
> >
> > On Thu, Feb 6, 2020 at 3:55 PM Doug Beattie via
On Thursday, February 6, 2020 at 6:05:20 PM UTC-5, Ryan Sleevi wrote:
> (Replying from the correct e-mail)
>
> On Thu, Feb 6, 2020 at 3:55 PM Doug Beattie via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > We should clarify the Mozilla policy to more clearly define
(Replying from the correct e-mail)
On Thu, Feb 6, 2020 at 3:55 PM Doug Beattie via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> We should clarify the Mozilla policy to more clearly define list of fields
> containing email address (those 3 listed above) must be validated
On Thu, Feb 06, 2020 at 09:31:40PM +, Doug Beattie via dev-security-policy
wrote:
> I don't agree that the CA MUST validate EVERY field. CAs leverage
> enterprise RAs to validate some information in SMIME certificates, e.g., the
> subscribers name in the CN field because the CA can't readily
is the
active directly account, but I thought I'd start a discussion to see what
people thought.
Doug
-Original Message-
From: Kurt Roeckx
Sent: Thursday, February 6, 2020 4:06 PM
To: Doug Beattie
Cc: mozilla-dev-security-policy
Subject: Re: Which fields containing email addresses need
On Thu, Feb 06, 2020 at 08:54:04PM +, Doug Beattie via dev-security-policy
wrote:
> It's not against Mozilla policy to
> issue certificates with unvalidated email addresses in any field as long as
> the Secure Mail EKU is not included, so the intent should be to validate
> only those that are
6 matches
Mail list logo