Request to Include certSIGN Root CA G2 certificate

2020-05-06 Thread Ben Wilson via dev-security-policy
This request is for inclusion of the certSIGN Root CA G2 certificate and to turn on the Websites trust bit and for EV treatment. The request is documented in Bugzilla and in the CCADB as follows: https://bugzilla.mozilla.org/show_bug.cgi?id=1403453

RE: Sectigo: Failure to revoke certificate with compromised key

2020-05-06 Thread Robin Alden via dev-security-policy
> > The necessary evidence was provided to Sectigo and they have thus far > > failed to deal with the evidence or clearly articulate reasons for > > concluding this case to not be a compromise. > > What I've found works best when reporting these cases to m.d.s.p is to > provide all the

Re: Audit Reminders for Intermediate Certs

2020-05-06 Thread Ryan Sleevi via dev-security-policy
Sorry for the delayed reply here, but in the process of being surprised that there are still CAs with delays > 90 days, I was looking through historic patterns, and noticed this CA is a repeat from the year prior. That is, this CA,