Blocking Trust for WoSign CA Free SSL Certificate G2
Certificate Authority WoSign experienced multiple control failures in their
certificate issuance processes for the WoSign CA Free SSL Certificate G2
intermediate CA. Although no WoSign root is in the list of Apple trusted roots,
this
Do you have a link to that process and is it automated. Reason is I have a few
hundred startSSL certs that my clients rely on.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
On Sat, Oct 1, 2016 at 6:40 AM, wrote:
> Do you have a link to that process and is it automated. Reason is I have a
> few hundred startSSL certs that my clients rely on.
I can't speak for the specific process Apple is using, but in general
you can use https://crt.sh/ or
On Sat, Oct 01, 2016 at 11:35:06AM -0700, Percy wrote:
> "Apple products will trust individual existing certificates issued from this
> intermediate CA and published to public Certificate Transparency log servers
> by 2016-09-19"
>
> It seems that Apple has taken the explicit white-listed
On Sat, Oct 1, 2016 at 6:40 AM, wrote:
> Do you have a link to that process and is it automated. Reason is I have a
> few hundred startSSL certs that my clients rely on.
>
Apple's statement was limited specifically to WoSign. StartSSL certificates
won't be affected, though
Bonjour,
Le samedi 1 octobre 2016 11:02:21 UTC+2, Stefan Paletta a écrit :
[...]
> I have one question about the proposal: what is the rationale and
> justification for the one-year minimum distrust? While this seems quite
> reasonable at first glance, my thinking is this: clearly, the proposed
"Apple products will trust individual existing certificates issued from this
intermediate CA and published to public Certificate Transparency log servers by
2016-09-19"
It seems that Apple has taken the explicit white-listed approach despite the
size drawback mentioned in the other thread. I
7 matches
Mail list logo