Re: Review of e-Tugra's Inclusion in Mozilla’s Root Store

Hi Israr, First of all, I do not represent Mozilla in any way but I want to clarify that the decision has now been made, the time for comments is over. However I do still want to point out that this very email kinda highlights some of the issues with e-Tugra in terms of not

Re: Review of e-Tugra's Inclusion in Mozilla’s Root Store

Dear Ben, Kathleen, Mozilla Security Policy Team & Community, We write to express our concern over the proposed decision to remove E-Tuğra Root CA Certificates from Mozilla's Root Store. We have been serving as a trusted certificate authority for the past 15 years, managing not only SSL

Re: Review of e-Tugra's Inclusion in Mozilla’s Root Store

All, Thanks again to all who contributed your expertise and resources in investigating and commenting on the e-Tugra breach, as described in a blog post by Ian Carroll and in subsequent discussions here on the Mozilla dev-security-policy list

Re: Review of e-Tugra's Inclusion in Mozilla’s Root Store

Dear Kurt Seifried, Thank you for bringing this to our attention. We would like to clarify that our both personal and corporate email accounts are subscribed. The comments were initially posted using the Google Groups web interface and at that time, Google Chrome was logged in and

Re: Review of e-Tugra's Inclusion in Mozilla’s Root Store

On Tue, Jun 6, 2023 at 7:54 AM Israr Ahmed wrote: > > Dear Mozilla community members, > > E-Tugra treated this incident with utmost seriousness upon its report, taking > immediate actions as acknowledged by Ian Carroll on November 18, 2022 >

Re: Review of e-Tugra's Inclusion in Mozilla’s Root Store

Can we get some proof that you represent E-Tugra? I mean... can you not afford a domain name to email from? On Tue, Jun 6, 2023 at 8:54 AM Israr Ahmed wrote: > Dear Mozilla community members, > > E-Tugra treated this incident with utmost seriousness upon its report, > taking immediate actions

Re: Review of e-Tugra's Inclusion in Mozilla’s Root Store

Dear Mozilla community members, E-Tugra treated this incident with utmost seriousness upon its report, taking immediate actions as acknowledged by Ian Carroll on November 18, 2022 https://groups.google.com/a/ccadb.org/g/public/c/SXAeHT04TFc/m/AJ8S0XuXAwAJ?utm_medium=email_source=footer It is

Re: Review of e-Tugra's Inclusion in Mozilla’s Root Store

My observations: If you look at this thread: https://groups.google.com/a/ccadb.org/g/public/c/SXAeHT04TFc/m/69LVodC-HgAJ It's not clear that E-Tugra replied, "" did, but there's exactly one hit in Google on that email address. Ditto for " dtok...@gmail.com". Can we get a confirmation that these

Re: Review of e-Tugra's Inclusion in Mozilla’s Root Store

Hi, I think it is quite clear that e-Tugra has demonstrated that they are not able to handle the responsibilities that come with being a publicly trusted CA. Additionally, as there would be no user impact as a result of distrusting e-Tugra it seems to me that removal is the obvious choice.

Review of e-Tugra's Inclusion in Mozilla’s Root Store

Dear Mozilla Community, This email relates to the e-Tugra breach that was described in a blog post by Ian Carroll and subsequent discussions here and in CCADB Public