On Sun, Jul 12, 2020 at 4:19 PM Oscar Conesa via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> To obtain this confidence, CAs must comply with all the requirements
> that are imposed on them in the form of Policies, Norms, Standards and
> Audits that are decided on an
On Sun, Jul 12, 2020 at 10:13:59PM +0200, Oscar Conesa via dev-security-policy
wrote:
> Some CAs may want to assume a leadership role in the sector and unilaterally
> assume more additional strict security controls. That is totally legitimate.
> But it is also legitimate for other CAs to assume a
On Sat, 11 Jul 2020 11:06:56 +1000
Matt Palmer via dev-security-policy
wrote:
> A histogram of the number of certificates grouped by their notBefore
> date is going to show a heck of a bump on August 31, I'll wager.
> Will be interesting to correlate notBefore with SCTs.
I expect there will be a
On 12/7/20 2:21, Ryan Sleevi wrote:
I want to be clear here: CAs are not trusted by default. The existence
of a CA, within a Root Program, is not a blanket admission of trust in
the CA.
Here we have a deep disagreement: A CA within a Root Program must be
considered as a trusted CA by
4 matches
Mail list logo