Re: ccadb.org

Hrm, I didn’t realize it had been restricted. The gist is that bug is closed as incomplete as of three months ago and there is a new bug that I don’t have access to: https://bugzilla.mozilla.org/show_bug.cgi?id=1409786 > On Jan 29, 2018, at 20:02, James Burton wrote: > > Hi

Re: ccadb.org

Hi Jonathan, I haven't got the required permission to access bug 1376996. Thank you, James On Tue, Jan 30, 2018 at 12:57 AM, Jonathan Rudenberg wrote: > > > On Jan 29, 2018, at 19:48, James Burton via dev-security-policy < > dev-security-policy@lists.mozilla.org>

Re: ccadb.org

> On Jan 29, 2018, at 19:48, James Burton via dev-security-policy > wrote: > > I was doing research on the ccadb.org site and was surprised to find that > the site is running only in HTTP and is not using HTTPS. There is already a bug about this:

ccadb.org

I was doing research on the ccadb.org site and was surprised to find that the site is running only in HTTP and is not using HTTPS. Now, I understand that GitHub pages don't support HTTPS for custom domains but you could always use CloudFlare for HTTPS support in the meantime until GitHub enables

Re: DRAFT January 2018 CA Communication

The email has been sent, and we've published a blog post: https://blog.mozilla.org/security/2018/01/29/january-2018-ca-communication/ On Monday, January 29, 2018 at 1:15:51 PM UTC-7, Wayne Thayer wrote: > You can find a link to the final version of the survey at >

Re: DRAFT January 2018 CA Communication

You can find a link to the final version of the survey at https://wiki.mozilla.org/CA/Communications#January_2018_CA_Communication We're planning to send this out to all CAs in the Mozilla program later today. The deadline for responses has been set to 9-February. Thanks to everyone who

Re: Taiwan GRCA Root Renewal Request

Thanks for pointing this out Ryan and Dimitris. You are both correct: we should direct Taiwan GRCA to change their request from including the root to including only the subordinate CAs that comply with the Mozilla policy. The option of adding the non-compliant subordinate CAs to OneCRL does not

Re: ComSign Root Renewal Request

Yair, Will you please provide a detailed response to each of Ryan's points? Also, please provide the specific version of the RSA Certificate Manager in use by ComSign. Thanks, Wayne On Mon, Jan 29, 2018 at 8:43 AM, YairE via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:

Re: ComSign Root Renewal Request

Hi Ryan, I noticed that your notes refer to a previous version of the CPS and not the current one here is a link to the current version which is 4.1. https://s3-us-west-2.amazonaws.com/comsign/CPS/CPS_4.1_eng.pdf About the CA software – we are now under auditing for our new Microsoft CA and

Re: Certigna Root Renewal Request

Le jeudi 27 avril 2017 15:22:27 UTC+2, Aaron Wu a écrit : > This request from the Dhimyotis/Certigna is to include the SHA-256 ‘Certigna > Root CA’ certificate and turn on the Websites and Email trust bits. This root > certificate will eventually replace the SHA-1 ‘Certigna’ root certificate >