You can find an explanation of Mozilla's enforcement mechanism on our wiki
[1]. When a CA fails to comply, the immediate action upon discovery is the
creation of an incident bug and the expectation that the CA will file an
incident report [2].
- Wayne
[1]
Hi Wayne,
What could be the consequences of a given CA (Certification Authority) not
complying with this new policy? Thanks!
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
On Thu, Dec 12, 2019 at 4:58 AM Malcolm Doody via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On Thursday, 12 December 2019 11:07:24 UTC, Malcolm Doody wrote:
> > On Wednesday, 11 December 2019 15:42:21 UTC, Wayne Thayer wrote:
> > > The new version of the Mozilla Root
On Thursday, 12 December 2019 11:07:24 UTC, Malcolm Doody wrote:
> On Wednesday, 11 December 2019 15:42:21 UTC, Wayne Thayer wrote:
> > The new version of the Mozilla Root Store Policy has been published [1].
>
> Looks like the level-4 headers (3.1.2.1 and 3.1.2.2) are in the wrong sized
>
On Wednesday, 11 December 2019 15:42:21 UTC, Wayne Thayer wrote:
> The new version of the Mozilla Root Store Policy has been published [1].
> [1]
> https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
Looks like the level-4 headers (3.1.2.1 and 3.1.2.2) are in the
The new version of the Mozilla Root Store Policy has been published [1].
This version goes into effect on January 1, 2020. The prior version that is
in effect for the rest of 2019 is linked from the wiki [2].
I have also just posted an announcement [3] on the Mozilla Security Blog.
We will be
6 matches
Mail list logo