Re: Auditing of CA facilities in lockdown because of an environmental disaster/pandemic

2020-03-27 Thread Kathleen Wilson via dev-security-policy
All, Just FYI that I updated the CA Incident Dashboard wiki page to separate the audit delay bugs into their own section. https://wiki.mozilla.org/CA/Incident_Dashboard#Audit_Delays Thanks, Kathleen

Re: Request to Include Microsec e-Szigno Root CA 2017 and to EV-enable Microsec e-Szigno Root CA 2009

2020-03-27 Thread Sándor dr . Szőke via dev-security-policy
I provide brief explanations for the 2019 audit findings as follows: > > * The following non-conformities were listed in the 2019 BR attestation > statement [9]: https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019121302_e-Szigno-Root-CA-2017_V1.1_s.pdf This is the latest

Auditing of CA facilities in lockdown

2020-03-27 Thread David Kluge via dev-security-policy
m.d.s.p community, Google Trust Services (GTS) would like to provide an update on a potential risk related to the "Auditing of CA facilities in lockdown because of an environmental disaster/pandemic" thread. Our annual audit period for all GTS CAs runs from October 1st of one year to

Sectigo: Failure to revoke certificate with previously-compromised key within 24 hours

2020-03-27 Thread Matt Palmer via dev-security-policy
At 2020-03-20 03:02:43 UTC, I sent a notification to sslab...@sectigo.com that certificate https://crt.sh/?id=1659219230 was using a private key with SPKI fingerprint 4c67cc2eb491585488bab29a89899e4e997648c7047c59e99a67c6123434f1eb, which was compromised due to being publicly disclosed. My e-mail