Re: Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

On Thu, 11 Feb 2021 15:12:46 -0500 Ryan Sleevi via dev-security-policy wrote: > So I'd say feel free to ask your question there, which helps make > sure it's answered before the issue is closed. Good point. In this case Arvid has clarified that in fact the ticket now has an updated sheet which

Re: Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

All, On Monday, I'm going to recommend to Kathleen that we proceed with these root inclusion requests of GlobalSign. Please let us know if there are any concerns. Thanks, Ben On Fri, Feb 12, 2021 at 7:31 AM Arvid Vermote via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: >

RE: Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

Hi Nick We attached an updated version of the affected certificate overview to the bug on February 10, which does contain the date of order and date of issuance. Thanks Arvid > -Original Message- > From: dev-security-policy On > Behalf Of Nick Lamb via dev-security-policy > Sent:

Re: Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

On Thu, Feb 11, 2021 at 1:11 PM Nick Lamb via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > I have a question (if I should write it in Bugzilla instead please say > so it is unclear to me what the correct protocol is) > While Mozilla Policy permits discussion in both, I

Re: Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

On Tue, 9 Feb 2021 14:29:15 -0700 Ben Wilson via dev-security-policy wrote: > All, > GlobalSign has provided a very detailed incident report in Bugzilla - > see https://bugzilla.mozilla.org/show_bug.cgi?id=1690807#c2. > There are a few remaining questions that still need to be answered, > so

Re: Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

All, GlobalSign has provided a very detailed incident report in Bugzilla - see https://bugzilla.mozilla.org/show_bug.cgi?id=1690807#c2. There are a few remaining questions that still need to be answered, so this email is just to keep you aware. Hopefully later this week I'll be able to come back

Re: Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

All, Under Step 10 of the https://wiki.mozilla.org/CA/Application_Process, this is notice of a "further question or concern" that has arisen concerning GlobalSign's issuance of a 1024-bit RSA certificate. See https://bugzilla.mozilla.org/show_bug.cgi?id=1690807. GlobalSign has indicated that it

Re: Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

On January 11, 2021, we began the public discussion period [Step 4 of the Mozilla Root Store CA Application Process ] for the above-referenced GlobalSign inclusion request. *Summary of Discussion and Completion of Action Items [Steps 5-8]:*

Re: Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

This is a reminder that I will close discussion on this tomorrow. On Mon, Jan 11, 2021 at 5:59 PM Ben Wilson wrote: > This is to announce the beginning of the public discussion phase of the > Mozilla root CA inclusion process for GlobalSign. > > See

Re: Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

Hey Ben, I know discussion here has been quiet, but in light of other threads going on, I actually want to say I'm very supportive of GlobalSign's plan here, and surprised they didn't call more attention to it, because it's something to be proud of. As I understand it, and happy to be corrected