Re: WISeKey - Request to transfer Root ownership to the OISTE Foundation

2019-01-03 Thread Wayne Thayer via dev-security-policy
I am satisfied with the response to my questions. If no additional comments are received by Tuesday, 8-January 2019, I will consider this request to have been "resolved with a positive conclusion" as required by Mozilla policy section 8.1. - Wayne On Fri, Nov 30, 2018 at 2:46 AM Pedro Fuentes

Re: Need information on Certificate store in Firefox

2019-01-03 Thread Ryan Sleevi via dev-security-policy
Avoiding cross-posting here, but you probably want to ask at https://lists.mozilla.org/listinfo/dev-tech-crypto On Thu, Jan 3, 2019 at 11:48 AM Amit Shelke via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > Hello, > > I am working on a tool which gathers data from

Re: Late Certinomis Audit (Was: Audit Reminder Email Summary)

2019-01-03 Thread marc.maitre--- via dev-security-policy
Franck Leroy explained that LSTI was about to deliver the audit letter to Certinomis, but regarding the recent issue with TUV-IT, LSTI decided to postpone any attestation letter and to do further investigation on all their PTC CA clients" Certinomis had to provide further information to the

Need information on Certificate store in Firefox

2019-01-03 Thread Amit Shelke via dev-security-policy
Hello, I am working on a tool which gathers data from different browser installed on Windows system; this is just to ensure that installed browser(s) meets the minimum requirement to run our one of the product. So one of the requirement is to collect the CA certificate in Firefox store. For

Re: Yet more undisclosed intermediates

2019-01-03 Thread Jakob Bohm via dev-security-policy
On 03/01/2019 16:46, Kurt Roeckx wrote: On 2019-01-03 16:25, Jakob Bohm wrote: There is the date fields in the SubCA certificate itself, as well as any embedded CT data (assuming the parent CA is correctly CT-logged). Do you expect precertificates for CA certificates? I currently don't know

Re: Yet more undisclosed intermediates

2019-01-03 Thread Kurt Roeckx via dev-security-policy
On 2019-01-03 16:25, Jakob Bohm wrote: There is the date fields in the SubCA certificate itself, as well as any embedded CT data (assuming the parent CA is correctly CT-logged). Do you expect precertificates for CA certificates? I currently don't know if there are any requirements for logging

Re: Yet more undisclosed intermediates

2019-01-03 Thread Jakob Bohm via dev-security-policy
On 02/01/2019 23:40, Wayne Thayer wrote: > On Wed, Jan 2, 2019 at 11:32 AM Jakob Bohm via dev-security-policy < > dev-security-policy@lists.mozilla.org> wrote: > >> On 02/01/2019 17:17, Wayne Thayer wrote: >>> The options to consider are: >>> 1. Continue with current policy of treating