Discussions - mozilla.dev.security.policy

	Timeframe for complying with version 2.2 of policy
	All, I propose the following timeframes for complying with version 2.2 of Mozilla's CA Certificate Policy once it is officially published. Please reply in this discussion if you have concerns about this, or recommendations on how to improve it. -- [link]... more » By Kathleen Wilson - May 16 - 1 new of 1 message

	FAQ: technically constraining a subCA that issues clientAuth certs
	All, I've added a question and answer to [link] The question: "3. How do I technically constrain an external subordinate CA certificate that will only be used to issue end-user certificates intended for client authentication?"... more » By Kathleen Wilson - May 9 - 1 new of 1 message

	Versions 2.2 of Mozilla's CA Certificate Policy
	All, I have summarized the currently proposed changes to version 2.2 of Mozilla's CA Certificate Policy here: [link] Is there anything else we should consider for this version? Note that I am hoping to keep the changes in this version minimal, and... more » By Kathleen Wilson - May 1 - 3 new of 3 messages

	Proposing an addition to the Enforcement Policy
	All, I propose adding the following line item to Mozilla's CA Certificate Enforcement Policy. [link] One knowingly or intentionally mis-issued certificate (for example, a certificate that can be used for MITM or traffic management of domain... more » By Kathleen Wilson - Apr 24 - 9 new of 9 messages

	Added Baseline Requirements Audit column
	All, I added a column to my spreadsheet ([link]) called "Baseline Requirements Audit". I will fill it in as I receive such audit statements. For reference: [link] Kathleen By Kathleen Wilson - Apr 23 - 1 new of 1 message

Duplicate CA?

When I use Certificate Manager to view CAs (the Authorities tab), I see the following two (among other CAs): TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. (c) Kasım 2005 (c) 2005 TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. Are these two distinct CAs or merely different ways of presenting the... more »

By David E. Ross - Apr 17 - 6 new of 6 messages

	Second discussion for GeoTrust EV Enablement Request
	The first discussion of GeoTrust s EV Enablement Request is here: [link] The request is documented in the following bug: [link] And in the pending certificates list here:... more » By Kathleen Wilson - Apr 11 - 3 new of 3 messages

	ACCV Request to include Renewed Root
	ACCV has applied to add the ACCVRAIZ1 root certificate and enable all three trust bits. This root certificate will eventually replace the Root CA Generalitat Valenciana root certificate that was included via bug #274100. The ACCV CA is operated by a government agency of Spain, and focuses its... more » By Kathleen Wilson - Apr 10 - 13 new of 13 messages

	Update Mozilla policy regarding version 1.1.3 of the BRs?
	All, The CA/Browser forum has introduced version 1.1.3 of the Baseline Requirements. The new version, as well as the previously published versions are available here: [link] Currently Mozilla s CA Certificate Policy says the following. [link]... more » By Kathleen Wilson - Apr 9 - 17 new of 17 messages

	New BR 11.1.4 regarding Applied-for new gTLD strings
	All, The CA/Browser Forum has introduced Baseline Requirement #11.1.4 to address security concerns that are introduced as applied-for new gTLD strings are granted. As soon as applied-for new gTLDs are approved, they must be treated as if they are delegated TLDs, and can no longer be used in internal name certificates.... more » By Kathleen Wilson - Apr 9 - 1 new of 1 message

1 - 10 of 575 « Newer | Older »

XML

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy

Account Options