Krajowa Izba Rozliczeniowa (KIR) S.A. has applied to include the "SZAFIR
ROOT CA" root certificate and enable all three trust bits.
The first discussion is here:
https://groups.google.com/d/msg/mozilla.dev.security.policy/aNbK4zw_Zb8/ekmVXYXvfQ4J
The action items resulting from the first discus
Please note that we have made changes in the CPS ad CP. You can find the
documents here: http://www.elektronicznypodpis.pl/Documents
They are waiting for aproval of our Management Board. We hope it will be
accepted within a week.
In CPS in section 3.2.2 we added in third paragraph:
"Domain name
On Mon, February 9, 2015 1:08 pm, Kathleen Wilson wrote:
> Krajowa Izba Rozliczeniowa (KIR) S.A. has applied to include the "SZAFIR
> ROOT CA" root certificate and enable all three trust bits.
>
> The first discussion is here:
>
> https://groups.google.com/d/msg/mozilla.dev.security.policy/aNb
On Mon, Feb 9, 2015 at 4:19 PM, Ryan Sleevi
wrote:
> Section 3.2.2 describes a means for validating domain ownership that is
> not described within Section 11.1.1 of the BR 1.2.3. In particular, it
> uses the WHOIS information (described in 11.1.1 p3) in conjunction with
> email (described in 11.1
All,
I have confirmed that KIR has made the changes listed below to their CPS
and CP.
CPS:
http://www.elektronicznypodpis.pl/files/doc/certification_practice_statement.pdf
CP: http://elektronicznypodpis.pl/files/doc/certification_policy.pdf
Are there any further questions or comments about
On Tue, March 3, 2015 12:32 pm, Kathleen Wilson wrote:
> All,
> I have confirmed that KIR has made the changes listed below to their
CPS
> and CP.
> CPS:
>
> http://www.elektronicznypodpis.pl/files/doc/certification_practice_statement.pdf
CP: http://elektronicznypodpis.pl/files/doc/certificat
On 2/9/15 1:08 PM, Kathleen Wilson wrote:
Krajowa Izba Rozliczeniowa (KIR) S.A. has applied to include the "SZAFIR
ROOT CA" root certificate and enable all three trust bits.
The first discussion is here:
https://groups.google.com/d/msg/mozilla.dev.security.policy/aNbK4zw_Zb8/ekmVXYXvfQ4J
The a
On 4/6/15 2:06 PM, Kathleen Wilson wrote:
On 2/9/15 1:08 PM, Kathleen Wilson wrote:
Krajowa Izba Rozliczeniowa (KIR) S.A. has applied to include the "SZAFIR
ROOT CA" root certificate and enable all three trust bits.
The first discussion is here:
https://groups.google.com/d/msg/mozilla.dev.secur
On 4/8/15 10:12 AM, Kathleen Wilson wrote:
On 4/6/15 2:06 PM, Kathleen Wilson wrote:
On 2/9/15 1:08 PM, Kathleen Wilson wrote:
Krajowa Izba Rozliczeniowa (KIR) S.A. has applied to include the "SZAFIR
ROOT CA" root certificate and enable all three trust bits.
The first discussion is here:
https
On 01/12/2015 19:26, Kathleen Wilson wrote:
On 4/8/15 10:12 AM, Kathleen Wilson wrote:
On 4/6/15 2:06 PM, Kathleen Wilson wrote:
On 2/9/15 1:08 PM, Kathleen Wilson wrote:
Krajowa Izba Rozliczeniowa (KIR) S.A. has applied to include the
"SZAFIR
ROOT CA" root certificate and enable all three tru
On 12/1/15 3:53 PM, Jakob Bohm wrote:
Just an aside:
That 20 byte limit sounds like something in NSS hasn't been updated
past SHA-1 yet! (I do know that certificate serial numbers are not
really hash values in any verifiable way, but that is the historic
design reason for setting the default
On 12/1/15 10:26 AM, Kathleen Wilson wrote:
Inclusion of the "SZAFIR ROOT CA" root certificate was approved.
https://bugzilla.mozilla.org/show_bug.cgi?id=817994#c62
However, when we were testing the changes to include this root
certificate, we noticed that the serial number was too long, so we
erverAuth" EKU MUSTNOT be included in any certificate that does
not conform to the "SSL"profile.
Answer: Please, let us know if these explanations are enough. Then we will
send the draft of CPS within a week.
Od: "Ryan Sleevi"
Do: "Kathleen Wilson"
9.2.4(f); it
just seems to describe additional controls on who KIR S.A will issue to.
Is this correct?
KIR's answer:
Yes exactly. This is additional check as it is required in 11.2.5 BR.
Od: "Ryan Sleevi"
Do: "Kathleen Wilson" ,
DW: mozilla-dev-sec
On Fri, March 20, 2015 8:10 am, Certificates wrote:
> Hello,
>
> Thank you for your detailed second review.
>
> Please, find our answers below.
Kathleen pointed out my original message was unclear, but I think it's
fine to progress on this inclusion.
While nothing prohibits OCSP nonces, I do h
15 matches
Mail list logo