hursday, March 18, 2021 2:53 PM
>> To: Doug Beattie
>> Cc: mozilla-dev-security-policy <
>> mozilla-dev-security-pol...@lists.mozilla.org>
>> Subject: Re: Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name
>> verification to 398 days
>>
>
t does mean something more than that, can you
> update to make it more clear?
>
>
>
>
>
> From: Ben Wilson
> Sent: Thursday, March 18, 2021 2:53 PM
> To: Doug Beattie
> Cc: mozilla-dev-security-policy <
> mozilla-dev-security-pol...@lists.mozilla.org>
> Subjec
. If it does mean something more than that, can you update to
make it more clear?
From: Ben Wilson
Sent: Thursday, March 18, 2021 2:53 PM
To: Doug Beattie
Cc: mozilla-dev-security-policy
Subject: Re: Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name
verification to 398 days
I've
e-
>> From: dev-security-policy
>> On Behalf Of Ben Wilson via dev-security-policy
>> Sent: Monday, March 8, 2021 6:38 PM
>> To: mozilla-dev-security-policy <
>> mozilla-dev-security-pol...@lists.mozilla.org>
>> Subject: Re: Policy 2.7.1: MRSP Issue
alf Of Ben Wilson via dev-security-policy
> Sent: Monday, March 8, 2021 6:38 PM
> To: mozilla-dev-security-policy <
> mozilla-dev-security-pol...@lists.mozilla.org>
> Subject: Re: Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name
> verification to 398 days
>
> All,
riginal Message-
From: dev-security-policy On
Behalf Of Ben Wilson via dev-security-policy
Sent: Monday, March 8, 2021 6:38 PM
To: mozilla-dev-security-policy
Subject: Re: Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name
verification to 398 days
All,
Here is the currently p
All,
Here is the currently proposed wording for subsection 5.1 of MRSP section
2.1:
" 5.1. for server certificates issued on or after October 1, 2021, verify
each dNSName or IPAddress in a SAN or commonName at an interval of 398 days
or less;"
Ben
On Fri, Feb 26, 2021 at 9:48 AM Ryan Sleevi
On Thu, Feb 25, 2021 at 7:55 PM Clint Wilson via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> I think it makes sense to separate out the date for domain validation
> expiration from the issuance of server certificates with previously
> validated domain names, but agree
of s/MIME being allowed for infinity time. The first
>>>> draft of the language looked like it may change this while the newer
>>>> language puts back the TLS limitation. If it's not addressed in this
>>>> update, adding clarification on domain verification reuse for SMIME
On Thu, Feb 25, 2021 at 2:29 PM Doug Beattie via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> I'd prefer that we tie this to a date related to when the domain
> validations are done, or perhaps 2 statements. As it stands (and as others
> have commented), on July 1 all
en Wilson via dev-security-policy
> Sent: Thursday, February 25, 2021 2:08 PM
> To: Mozilla
> Subject: Re: Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name
> verification to 398 days
>
> All,
>
> I continue to move this Issue #206 forward with a proposed change
d consider?
Doug
-Original Message-
From: dev-security-policy On
Behalf Of Ben Wilson via dev-security-policy
Sent: Thursday, February 25, 2021 2:08 PM
To: Mozilla
Subject: Re: Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name
verification to 398 days
All,
I continue to move
existing policy.
>>
>> -Original Message-
>> From: dev-security-policy
>> On Behalf Of Ben Wilson via dev-security-policy
>> Sent: Wednesday, December 2, 2020 2:22 PM
>> To: Ryan Sleevi
>> Cc: Doug Beattie ; Mozilla <
>> mozilla-dev
2020 2:22 PM
> To: Ryan Sleevi
> Cc: Doug Beattie ; Mozilla <
> mozilla-dev-security-pol...@lists.mozilla.org>
> Subject: Re: Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name
> verification to 398 days
>
> See my responses inline below.
>
> On Tue, Dec 1,
, 2020 2:22 PM
To: Ryan Sleevi
Cc: Doug Beattie ; Mozilla
Subject: Re: Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name
verification to 398 days
See my responses inline below.
On Tue, Dec 1, 2020 at 1:34 PM Ryan Sleevi wrote:
>
>
> On Tue, Dec 1, 2020 at 2:22 PM Ben Wilso
One potential approach would be to make it so that issuances after July 1,
2021 require a validation no more than 398 days old. The currently-proposed
wording ("verify that each dNSName or IPAddress is current and correct at
intervals of 398 days or less") lends itself to that interpretation, it
See my responses inline below.
On Tue, Dec 1, 2020 at 1:34 PM Ryan Sleevi wrote:
>
>
> On Tue, Dec 1, 2020 at 2:22 PM Ben Wilson via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> See responses inline below:
>>
>> On Tue, Dec 1, 2020 at 11:40 AM Doug Beattie > >
>>
On Tue, Dec 1, 2020 at 2:22 PM Ben Wilson via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> See responses inline below:
>
> On Tue, Dec 1, 2020 at 11:40 AM Doug Beattie
> wrote:
>
> > Hi Ben,
> >
> > For now I won’t comment on the 398 day limit or the date which you
>
mains/customers should not be affected
until then.
Cheers,
Ben
>
> Doug
>
> -Original Message-
> From: dev-security-policy
> On Behalf Of Ben Wilson via dev-security-policy
> Sent: Monday, November 30, 2020 2:27 PM
> To: mozilla-dev-security-policy <
> mozilla-dev
dev-security-policy
Sent: Monday, November 30, 2020 2:27 PM
To: mozilla-dev-security-policy
Subject: Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name
verification to 398 days
The purpose of this email is to begin public discussion on a modification to
subsection 5 in section 2.1 of the
20 matches
Mail list logo