On Monday, February 27, 2017 at 11:04:53 AM UTC-5, Gervase Markham wrote:
> Hi Doug,
>
> On 15/02/17 17:09, Gervase Markham wrote:
> > But currently GlobalSign employees still are?
> >
> > If so, can you help us understand why that's necessary? Given that you
> > control the domains used for
On Tuesday, February 28, 2017 at 7:29:30 AM UTC-5, Itzhak Daniel wrote:
> On Tuesday, February 28, 2017 at 1:38:25 PM UTC+2, Gervase Markham wrote:
> > I think that without more evidence we must assume that GlobalSign
> > validated this domain correctly at a time when it existed.
>
> There are
On Friday, March 17, 2017 at 5:37:38 AM UTC-4, Gervase Markham wrote:
> On 16/03/17 17:20, douglas beattie wrote:
> > Yes, RAs (trusted role employees) need to have the technical ability
> > to manually add domains to accounts. They can verify domains in one
> > of the 10 different methods and
On Thursday, March 16, 2017 at 6:59:41 AM UTC-4, Gervase Markham wrote:
> Hi Doug,
>
> On 03/03/17 11:17, Gervase Markham wrote:
> > That's lovely, but it doesn't answer my question. Let me restate it: why
> > does GlobalSign believe it is necessary to give employees the power to
> > add
Attachment was stripped, here it the content:
GlobalSign BR violation: EV Certificate with dNSName containing a space
On February 26, 2017, we received a report that there were multiple SANs in an
EV SSL Certificate that contained a space within it. Spaces are not permitted
characters, per
On Thursday, April 13, 2017 at 10:49:17 AM UTC-4, Gervase Markham wrote:
> On 13/04/17 14:23, Doug Beattie wrote:
> > In 3.2 the term Technically Constrained is not defined to be any
> > different than the BRs (or perhaps even less restrictive).
>
> You mean 2.3, right?
Yes, 2.3.
> I would say
I wanted to send out a short update of were we are on looking into the reported
Incapusla/testslsslfeb20.me certificate and the thread of comments and
questions above.
In this specific case the domain was verified within 39 months of
issuance/reissuance (no difference as Ryan pointed out).
In
his to find out why.
Doug
>
> Original Message
> From: douglas.beattie--- via dev-security-policy
> Sent: Tuesday, February 28, 2017 6:46 AM
>
> ...snip...
>
> > I also would like to have an official reply from GlobalSign saying that "on
> &
Misissuance Report
On February 25th 2017, we received a report that there was a SAN in an
Incapsula OV certificate (specifically an OV certificate issued via the
GlobalSign CloudSSL product) for a domain that is no longer registered
(testsslfeb20.me).
1) GlobalSign CloudSSL product
Hi Quirin,
I'm curious about how you recorded the historical information from DNS, can you
explain how this was requested and logged?
We logged the data used for issuance of the GlobalSign certificate at the time
of issuance and it's different from what you recorded.
We logged that there was
On Monday, November 6, 2017 at 6:40:58 AM UTC-5, Ben Laurie wrote:
> On 4 November 2017 at 19:54, Kathleen Wilson via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > On 11/4/17 5:36 AM, Daniel Cater wrote:
> >
> > I think those CAs need to re-validate their recently
On Thursday, February 6, 2020 at 6:05:20 PM UTC-5, Ryan Sleevi wrote:
> (Replying from the correct e-mail)
>
> On Thu, Feb 6, 2020 at 3:55 PM Doug Beattie via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > We should clarify the Mozilla policy to more clearly define
Ryan,
Given the recent announcement "SECURITY RELEVANT FOR CAs: The curious case of
the Dangerous Delegated Responded Cert", how does you discussion in this thread
relate to this? Are your responses here to a different question, because it
appears (likely my misinterpretation) from this
13 matches
Mail list logo