Re: Full Listing of Included CAs

2009-06-24 Thread Nelson Bolyard
On 2009-06-22 15:10 PDT, Kyle Hamilton wrote:
>> https://wiki.mozilla.org/images/c/ce/BuiltIn-CAs.pdf
> Am I correct in inferring that to the best of your knowledge, if a root
> does not have a bug number associated with it, it is a "legacy" root (one
> that was inherited from Netscape/AOL)?
I d

Re: Full Listing of Included CAs

2009-06-23 Thread Robert Relyea
Ian G wrote: Are we going to enforce a 2048-bit root requirement after Dec 31, 2010 (per NIST non-classified recommendation)? If so, we need to get the Digital Signature Trust Co Global CAs to update. I would vote against following NIST on this. But it would be a reasonable thing to send a

RE: Full Listing of Included CAs

2009-06-23 Thread Varga Viktor
-bounces+varga_v=netlock...@lists.mozilla.org] On Behalf Of Eddy Nigg
Sent: Tuesday, June 23, 2009 5:36 PM
To: dev-tech-crypto@lists.mozilla.org
Subject: Re: Full Listing of Included CAs
Hi Viktor, The discussions moved to mozilla.dev.security.policy. Do you have an open bug for this request? On 06

Re: Full Listing of Included CAs

2009-06-23 Thread Kathleen Wilson
> The discussions moved to mozilla.dev.security.policy. Do you have an
> open bug for this request?
Netlock's CA rollover request is in https://bugzilla.mozilla.org/show_bug.cgi?id=480966 It is also in the queue for public discussion https://wiki.mozilla.org/CA:Schedule#Queue_for_Public_Discussio

Re: Full Listing of Included CAs

2009-06-23 Thread Eddy Nigg
Hi Viktor, The discussions moved to mozilla.dev.security.policy. Do you have an open bug for this request? On 06/23/2009 06:28 PM, Varga Viktor: The collection of info is excellent. Is it possible to get our rollover certificates into this update? :D I didn't see too much root public discu

RE: Full Listing of Included CAs

2009-06-23 Thread Varga Viktor
From: dev-tech-crypto-bounces+varga_v=netlock...@lists.mozilla.org [mailto:dev-tech-crypto-bounces+varga_v=netlock...@lists.mozilla.org] On Behalf Of Kathleen Wilson
Sent: Monday, June 22, 2009 10:12 PM
To: dev-tech-crypto@lists.mozilla.org
Subject: Full Listing of Included CAs
Based on the Firefo

Re: Full Listing of Included CAs

2009-06-22 Thread Kathleen Wilson
I posted my response in mozilla.dev.security.policy. Let's continue the discussion there. Thanks, Kathleen

Re: Full Listing of Included CAs

2009-06-22 Thread Ian G
On 22/6/09 22:23, Kyle Hamilton wrote: Is there an updated request in the queue for O=ABC.ECOM, INC? That one expires 7/9/2009, which is less than a month from now. Good question. Are we going to enforce a 2048-bit root requirement after Dec 31, 2010 (per NIST non-classified recommendation

Re: Full Listing of Included CAs

2009-06-22 Thread Kyle Hamilton
Am I correct in inferring that to the best of your knowledge, if a root does not have a bug number associated with it, it is a "legacy" root (one that was inherited from Netscape/AOL)? If so, this is an even more useful list so that we can see which roots need additional examination. :) -Kyle H

Re: Full Listing of Included CAs

2009-06-22 Thread Eddy Nigg
On 06/23/2009 12:51 AM, Kathleen Wilson: Is there an updated request in the queue for O=ABC.ECOM, INC? That one expires 7/9/2009, which is less than a month from now. I cannot find a request regarding ABA.ECOM in Bugzilla. That's an old legacy root. -- Regards Signer: Eddy Nigg, St

Re: Full Listing of Included CAs

2009-06-22 Thread Kathleen Wilson
> Is there an updated request in the queue for O=ABC.ECOM, INC?
> That one expires 7/9/2009, which is less than a month from now.
I cannot find a request regarding ABA.ECOM in Bugzilla.
> Could I suggest that you also send a copy of this message
> (including URLs) to dev-security-policy?
Done T

Re: Full Listing of Included CAs

2009-06-22 Thread Kyle Hamilton
Could I suggest that you also send a copy of this message (including URLs) to dev-security-policy? Much appreciated. :) (And very good work!) -Kyle H On Mon, Jun 22, 2009 at 1:11 PM, Kathleen Wilson wrote: > Based on the Firefox 3.5 beta, I created a table of all of the CAs > that are Builtin O

Re: Full Listing of Included CAs

2009-06-22 Thread Eddy Nigg
On 06/22/2009 11:23 PM, Kyle Hamilton: We've already had discussion why MD5 on the root isn't worrisome or bothersome. I'm assuming that there are no attributes of the certificate which contains the trust anchor which are actually checked, and that the trust-bits are effectively set on the key i

Re: Full Listing of Included CAs

2009-06-22 Thread Eddy Nigg
On 06/22/2009 11:11 PM, Kathleen Wilson: Based on the Firefox 3.5 beta, I created a table of all of the CAs that are Builtin Object Tokens. It is posted at: https://wiki.mozilla.org/CA:Overview which has a link called "List of included root certificates" which points to https://wiki.mozilla.org/i

Re: Full Listing of Included CAs

2009-06-22 Thread Kyle Hamilton
Is there an updated request in the queue for O=ABC.ECOM, INC? That one expires 7/9/2009, which is less than a month from now. Are we going to enforce a 2048-bit root requirement after Dec 31, 2010 (per NIST non-classified recommendation)? If so, we need to get the Digital Signature Trust Co Glob

Full Listing of Included CAs

2009-06-22 Thread Kathleen Wilson
Based on the Firefox 3.5 beta, I created a table of all of the CAs that are Builtin Object Tokens. It is posted at: https://wiki.mozilla.org/CA:Overview which has a link called "List of included root certificates" which points to https://wiki.mozilla.org/images/c/ce/BuiltIn-CAs.pdf I look forward