On Tue, Mar 31, 2020 at 01:34:27PM +1100, Matt Palmer wrote:
> If someone would like to make the argument that it's a gray area because I
> submitted the revocation requests via ACME, rather than the CPS-provided
> e-mail address, well, I can switch to sending e-mails, but having a human
> process
On Mon, Mar 30, 2020 at 06:01:58PM -0400, Ryan Sleevi wrote:
> On Mon, Mar 30, 2020 at 5:43 PM Matt Palmer via dev-security-policy
> wrote:
> >
> > On Mon, Mar 30, 2020 at 01:48:28PM -0700, Josh Aas via dev-security-policy
> > wrote:
> > > Matt - It would be helpful if you could report issues
This change has been made and Kathleen Wilson is now the CA Certificate
Policy Module Owner.
On Fri, Mar 20, 2020 at 1:34 PM Wayne Thayer wrote:
> I posted the following message in the mozilla.governance forum.
>
> If you would like, please feel free to comment here in m.d.s.p.
>
> - Wayne
>
>
On Mon, Mar 30, 2020 at 5:43 PM Matt Palmer via dev-security-policy
wrote:
>
> On Mon, Mar 30, 2020 at 01:48:28PM -0700, Josh Aas via dev-security-policy
> wrote:
> > Matt - It would be helpful if you could report issues like this to the CA
> > in question, not just to mdsp.
>
> Helpful to
On Mon, Mar 30, 2020 at 01:48:28PM -0700, Josh Aas via dev-security-policy
wrote:
> Matt - It would be helpful if you could report issues like this to the CA
> in question, not just to mdsp.
Helpful to *whom*, exactly? I don't write up these reports to be helpful to
the CA in question; I write
On Mon, Mar 30, 2020 at 10:59:02AM -0400, Ryan Sleevi wrote:
> On Mon, Mar 30, 2020 at 6:28 AM Matt Palmer via dev-security-policy
> wrote:
> It's useful to focus on the goal, rather than the precise language, or
> where you see folks getting confused or misunderstanding things. That
> is,
On Monday, March 30, 2020 at 4:48:38 PM UTC-4, Josh Aas wrote:
> On Thursday, March 26, 2020 at 6:27:10 PM UTC-4, Ryan Sleevi wrote:
> > Apologies for the delay here. I filed
> > https://bugzilla.mozilla.org/show_bug.cgi?id=1625322 for this.
>
> We are looking into this.
>
> Matt - It would be
On Thursday, March 26, 2020 at 6:27:10 PM UTC-4, Ryan Sleevi wrote:
> Apologies for the delay here. I filed
> https://bugzilla.mozilla.org/show_bug.cgi?id=1625322 for this.
We are looking into this.
Matt - It would be helpful if you could report issues like this to the CA in
question, not just
Dear All,
Microsec Ltd. is dedicated to comply with the standards and industry best
practices at all times, including the applicable IETF RFCs, ETSI standards and
technical specifications, CA/Browser Forum Baseline Requirements, Extended
Validation Guidelines and Network Security Controls, as
Thanks for starting this!
On Mon, Mar 30, 2020 at 6:28 AM Matt Palmer via dev-security-policy
wrote:
> If such a modification were deemed appropriate for the BRs, I would suggest
> that the following changes would fit the bill. All sections, etc taken from
> version 1.6.7 of the BRs.
On Sat, Mar 28, 2020 at 07:11:43PM +1100, Matt Palmer wrote:
> In concert with my (human-mediated) revocation notifications, I have been
> sending semi-automated revocation requests to Let's Encrypt, using the ACME
> protocol. This has been extremely smooth and straightforward, and my life
> --
In my recent forays into mass-revocation for key compromise, one aspect that
was particularly frustrating and unnecessary was having to send revocation
requests for new certificates, issued by a CA using a private key which I
had previously reported as compromised to that same CA. Once a key is
12 matches
Mail list logo