Re: Proposal: prohibit issuance of new certificates with known-compromised keys, and for related purposes

2020-04-06 Thread Ryan Sleevi via dev-security-policy
On Mon, Mar 30, 2020 at 5:32 PM Matt Palmer via dev-security-policy wrote:
> Righto, the goals are:
>
> * Make it a policy violation for CAs to issue a certificate using a public
> key they've revoked before.
>
> * Clarify the language around key compromise revocation to make it obvious
>

Re: Terms and Conditions that use technical measures to make it difficult to change CAs

2020-04-06 Thread Ryan Sleevi via dev-security-policy
On Mon, Mar 16, 2020 at 5:06 PM Tim Hollebeek via dev-security-policy wrote:
>
> Hello,
>
> I'd like to start a discussion about some practices among other commercial
> CAs that have recently come to my attention, which I personally find
> disturbing. While it's perfectly appropriate to

Re: Proposal: prohibit issuance of new certificates with known-compromised keys, and for related purposes

2020-04-06 Thread Matt Palmer via dev-security-policy
On Mon, Apr 06, 2020 at 12:56:02PM -0400, Ryan Sleevi wrote:
> On Mon, Mar 30, 2020 at 5:32 PM Matt Palmer via dev-security-policy
> wrote:
> > Righto, the goals are:
> >
> > * Make it a policy violation for CAs to issue a certificate using a public
> > key they've revoked before.
> >
> > *