2018 9:31 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: DigiCert .onion certificates without Tor Service Descriptor Hash
extension
On 21 Mar 2018 17:58, Wayne Thayer via dev-security-policy
<dev-security-policy@lists.mozilla.org
<mailto:dev-security-policy@lists
On 21 Mar 2018 17:58, Wayne Thayer via dev-security-policy wrote:7. List of steps your CA is taking to resolve the situation and
ensure such issuance will not be repeated in the future, accompanied
with a timeline of when your CA expects to accomplish
t.com>
> Cc: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: Re: DigiCert .onion certificates without Tor Service Descriptor
> Hash
> extension
>
> Thanks, Jeremy.
>
> I also found a certificate [1] with both 16-character.onion and
> 56-character.onion address
.mozilla.org
Subject: Re: DigiCert .onion certificates without Tor Service Descriptor Hash
extension
Thanks, Jeremy.
I also found a certificate [1] with both 16-character.onion and
56-character.onion addresses [2] listed in the SAN. The v3 address is not
included in the 2.23.140.1.31 extension,
t;
> Jeremy
>
> -Original Message-
> From: dev-security-policy
> <dev-security-policy-bounces+jeremy.rowley=digicert@lists.mozilla.org>
> On Behalf Of Alex Cohn via dev-security-policy
> Sent: Sunday, March 11, 2018 9:37 PM
> To: dev-security-policy@list
policy
Sent: Sunday, March 11, 2018 9:37 PM
To: dev-security-policy@lists.mozilla.org
Subject: DigiCert .onion certificates without Tor Service Descriptor Hash
extension
In the EV Guidelines [1], Appendix F states "The CA MUST include the CAB
Forum Tor Service Descriptor Has
In the EV Guidelines [1], Appendix F states "The CA MUST include the
CAB Forum Tor Service Descriptor Hash extension in the TBSCertificate
convey hashes of keys related to .onion addresses." This language was
added in Ballot 201 [2], which had an effective date of 8 July 2017.
The following
7 matches
Mail list logo