On Sat, Mar 21, 2020 at 01:53:31AM +, Nick Lamb wrote:
> On Sat, 21 Mar 2020 09:25:26 +1100
> Matt Palmer via dev-security-policy
> wrote:
>
> > These two certificates:
> >
> > https://crt.sh/?id=2602048478=ocsp
> > https://crt.sh/?id=2601324532=ocsp
> >
> > Were issued by Let's
On Sat, 21 Mar 2020 09:25:26 +1100
Matt Palmer via dev-security-policy
wrote:
> These two certificates:
>
> https://crt.sh/?id=2602048478=ocsp
> https://crt.sh/?id=2601324532=ocsp
>
> Were issued by Let's Encrypt more than 24 hours ago, and remain
> unrevoked, despite the revocation of
These two certificates:
https://crt.sh/?id=2602048478=ocsp
https://crt.sh/?id=2601324532=ocsp
Were issued by Let's Encrypt more than 24 hours ago, and remain unrevoked,
despite the revocation of the below two certificates, which use the same
private key, for keyCompromise prior to the
On 3/20/20 1:15 PM, Jeremy Rowley wrote:
What about issues other than audits? For example, with certain locations
closing, key ceremonies may become impossible, leading to downed CRLs/OCSP for
intermediates. There's also a potential issue with trusted roles even being
able to access the data
On Fri, Mar 20, 2020 at 4:15 PM Jeremy Rowley via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> What about issues other than audits? For example, with certain locations
> closing, key ceremonies may become impossible, leading to downed CRLs/OCSP
> for intermediates.
On Fri, Mar 20, 2020 at 4:07 PM Kathleen Wilson via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> My question: What should "location" mean in the above requirement?
>
The WebTrust Practitioner Guidance offers a reasonable definition:
I posted the following message in the mozilla.governance forum.
If you would like, please feel free to comment here in m.d.s.p.
- Wayne
-- Forwarded message -
From: Wayne Thayer
Date: Fri, Mar 13, 2020 at 11:11 AM
Subject: Proposal for New CA Certificate Policy Module Owner
To:
What about issues other than audits? For example, with certain locations
closing, key ceremonies may become impossible, leading to downed CRLs/OCSP for
intermediates. There's also a potential issue with trusted roles even being
able to access the data center if something goes down and Sub CAs
All,
I will greatly appreciate your ideas about the following.
In the Minimum Expectations section in
https://wiki.mozilla.org/CA/Audit_Statements#Audit_Delay
I added:
""
* Both ETSI and WebTrust Audits must:
** Disclose each location that was included in the scope of the audit,
as well as
It was our assessment when adding data to CCADB, that Mozilla would be
interested in the authoritative documents in CCADB and requires English
(non-authoritative) translations to be readily available (“provided”) on our
websites and upon request.
The CCADB-policy states in chapter 5, that
10 matches
Mail list logo