Groups
Conversations
All groups and messages
Send feedback to Google
Help
Sign in
Groups
dev-security-policy@mozilla.org
Conversations
About
dev-security-policy@mozilla.org
1–30 of 191
Welcome to the dev-security-policy group in which we discuss security-related policies, governance, and related topics; including discussion of
Mozilla’s Root Store Policy
and the
NSS root certificate store
.
Mailing List:
dev-security-policy@mozilla.or
g
Web:
https://groups.google.com/a/mo
zilla.org/g/dev-security-polic
y
Subscribe by sending email to:
dev-security-policy+subscribe@
mozilla.org
.
Membership requests must provide context for your interest in joining the group. Requests without this information will be rejected.
Unsubscribe by sending email to:
dev-security-policy+unsubscrib
e@mozilla.org
Previous archives:
https://groups.google.com/g/mo
zilla.dev.security.policy
RSS feed:
https://www.mail-archive.com/d
ev-security-policy@mozilla.org
/maillist.xml
Mark all as read
Report abusive group
0 selected
Ben Wilson
, …
BJCA
6
Jan 26
Public Discussion re: Beijing CA (BJCA)
Thanks. Happy New Year. Sorry, the Spring Festival holiday delayed some time. BJCA separates and
unread,
Public Discussion re: Beijing CA (BJCA)
Thanks. Happy New Year. Sorry, the Spring Festival holiday delayed some time. BJCA separates and
Jan 26
Ben Wilson
, …
Roman Fischer
29
Jan 25
Proposed Updates to MRSP to Address Root CA Life Cycles
All, I've posted this draft section 7.4 to the Mozilla wiki - https://wiki.mozilla.org/CA/
unread,
Proposed Updates to MRSP to Address Root CA Life Cycles
All, I've posted this draft section 7.4 to the Mozilla wiki - https://wiki.mozilla.org/CA/
Jan 25
Ben Wilson
,
Kurt Seifried
4
Jan 24
MRSP Policy v. 2.8.1 Finalization
Hi, I haven't had anyone ask about the proposed effective date of this version 2.8.1. I don't
unread,
MRSP Policy v. 2.8.1 Finalization
Hi, I haven't had anyone ask about the proposed effective date of this version 2.8.1. I don't
Jan 24
Kathleen Wilson
, …
Jeffrey Walton
5
Jan 23
spammers on MDSP
On Mon, Jan 23, 2023 at 12:33 PM Ben Wilson <bwi...@mozilla.com> wrote: > >
unread,
spammers on MDSP
On Mon, Jan 23, 2023 at 12:33 PM Ben Wilson <bwi...@mozilla.com> wrote: > >
Jan 23
Ben Wilson
, …
Clint Wilson
14
Jan 23
Policy 2.8.1: MRSP Issue #256: Requirement that Partitioned CRLs include an Issuing Distribution Point extension
Hi Dimitris, The current expectation is described in the Apple Policy: Effective October 1, 2022, CA
unread,
Policy 2.8.1: MRSP Issue #256: Requirement that Partitioned CRLs include an Issuing Distribution Point extension
Hi Dimitris, The current expectation is described in the Apple Policy: Effective October 1, 2022, CA
Jan 23
Kathleen Wilson
, …
Matthias van de Meent
26
Jan 18
Audit Reminder Email Summary - Root Certificates
-------- Forwarded Message -------- Subject: Summary of January 2023 Audit Reminder Emails Date: Tue,
unread,
Audit Reminder Email Summary - Root Certificates
-------- Forwarded Message -------- Subject: Summary of January 2023 Audit Reminder Emails Date: Tue,
Jan 18
Hanno Böck
, …
wael wael
7
Jan 13
key with suspicious pattern
في الخميس، 15 ديسمبر 2022 في تمام الساعة 11:37:27 م UTC+2، كتب Stephan Verbücheln رسالة نصها: You can
unread,
key with suspicious pattern
في الخميس، 15 ديسمبر 2022 في تمام الساعة 11:37:27 م UTC+2، كتب Stephan Verbücheln رسالة نصها: You can
Jan 13
Kathleen Wilson
19
Jan 3
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of December 2022 Outdated Audit Statements for
unread,
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of December 2022 Outdated Audit Statements for
Jan 3
Prof. Reardon
, …
Rachel McPherson
38
12/23/22
concerns about Trustcor
Serge, You guys found an (easily-explained) domain name, and then basically assumed the rest, and
unread,
concerns about Trustcor
Serge, You guys found an (easily-explained) domain name, and then basically assumed the rest, and
12/23/22
Ben Wilson
,
Kurt Seifried
5
12/22/22
Root Inclusion Completeness Checks
Currently, I am very busy working on the CCADB updates. Maybe I can provide something in January.
unread,
Root Inclusion Completeness Checks
Currently, I am very busy working on the CCADB updates. Maybe I can provide something in January.
12/22/22
Ben Wilson
, …
John Han (hanyuwei70)
4
12/16/22
Public Discussion of BJCA's CA inclusion request
Quickly reviewed their site, they are focused in digital signature, key management and crypto
unread,
Public Discussion of BJCA's CA inclusion request
Quickly reviewed their site, they are focused in digital signature, key management and crypto
12/16/22
Ben Wilson
,
Kurt Seifried
4
12/10/22
Discussion of SERPRO Inclusion Request on CCADB Public
I think the problem is that I look at statements like: The person conducting initial information
unread,
Discussion of SERPRO Inclusion Request on CCADB Public
I think the problem is that I look at statements like: The person conducting initial information
12/10/22
Ben Wilson
,
Corey Bonnell
2
12/8/22
Policy 2.8.1: MRSP Issue #251: Full CRL Publication Requirements
Hi Ben, I believe the proposed language would allow a CA to issue a certificate but not disclose any
unread,
Policy 2.8.1: MRSP Issue #251: Full CRL Publication Requirements
Hi Ben, I believe the proposed language would allow a CA to issue a certificate but not disclose any
12/8/22
Prof. Reardon
, …
Kurt Seifried
7
12/8/22
concerns about Princeton Audit Group's auditing status
Hello: I have gotten information back from WebTrust. A company that is no longer listed means that
unread,
concerns about Princeton Audit Group's auditing status
Hello: I have gotten information back from WebTrust. A company that is no longer listed means that
12/8/22
Ben Wilson
,
Corey Bonnell
2
12/7/22
Policy 2.8.1: MRSP Issue #253: CAs MUST specify BR 3.2.2.4 Methods
The proposed change to a MUST is a good one, as I understand that disclosing the BR method numbers of
unread,
Policy 2.8.1: MRSP Issue #253: CAs MUST specify BR 3.2.2.4 Methods
The proposed change to a MUST is a good one, as I understand that disclosing the BR method numbers of
12/7/22
Ben Wilson
2
12/6/22
Wiki Dashboards Down
All, The dashboards are up and running again. Thanks, Ben On Tue, Dec 6, 2022 at 2:21 PM Ben Wilson
unread,
Wiki Dashboards Down
All, The dashboards are up and running again. Thanks, Ben On Tue, Dec 6, 2022 at 2:21 PM Ben Wilson
12/6/22
Antonios Chariton
, …
passerby184
5
12/2/22
CAA Records for IP Certificates
if they didn't open RDNS clients wouldn't allowed to override it: although I would say
unread,
CAA Records for IP Certificates
if they didn't open RDNS clients wouldn't allowed to override it: although I would say
12/2/22
Ben Wilson
11/28/22
Changes to the Mozilla CA Inclusion Dashboard
All, I have posted a question to the CCADB Public List regarding changes to the Mozilla certificate
unread,
Changes to the Mozilla CA Inclusion Dashboard
All, I have posted a question to the CCADB Public List regarding changes to the Mozilla certificate
11/28/22
Ben Wilson
, …
Melis ŞİMŞEK
5
11/28/22
KamuSM request to Expand to .tr ccTLD
All, I am closing the public discussion phase regarding this request. I will be recommending approval
unread,
KamuSM request to Expand to .tr ccTLD
All, I am closing the public discussion phase regarding this request. I will be recommending approval
11/28/22
Ian Carroll
, …
Peter Gutmann
12
11/28/22
Security concerns with the e-Tugra certificate authority
Ian Carroll <i...@ian.sh> writes: >There are many statements about M of N, HSM access, etc
unread,
Security concerns with the e-Tugra certificate authority
Ian Carroll <i...@ian.sh> writes: >There are many statements about M of N, HSM access, etc
11/28/22
Ben Wilson
,
Aaron Poulsen
5
11/22/22
Policy 2.8.1: Candidate Issues to Address in MRSP v. 2.8.1
All, I might try to get these in place before the end of 2022, but I think it's unlikely. While
unread,
Policy 2.8.1: Candidate Issues to Address in MRSP v. 2.8.1
All, I might try to get these in place before the end of 2022, but I think it's unlikely. While
11/22/22
Ben Wilson
2
11/21/22
New whiteboard tags for incidents reported on Bugzilla
All, Also, to keep the discussion clean and simple, just post your suggestions and recommendations to
unread,
New whiteboard tags for incidents reported on Bugzilla
All, Also, to keep the discussion clean and simple, just post your suggestions and recommendations to
11/21/22
Ben Wilson
, …
Matthias van de Meent
7
11/18/22
Policy 2.8.1: MRSP Issue #249: Clarification re: all CPs and CPSes
Hi Matthias, Thanks for the clarification. So, I think the goal is (and the language might have to be
unread,
Policy 2.8.1: MRSP Issue #249: Clarification re: all CPs and CPSes
Hi Matthias, Thanks for the clarification. So, I think the goal is (and the language might have to be
11/18/22
Ben Wilson
, …
Ryan Dickson
10
11/17/22
Policy 2.8.1: MRSP Issue #243: Update periods for CPs and CPSes
Hi Rufus, A CA's CP represents commitments by its owners regarding minimum expectations related
unread,
Policy 2.8.1: MRSP Issue #243: Update periods for CPs and CPSes
Hi Rufus, A CA's CP represents commitments by its owners regarding minimum expectations related
11/17/22
Ben Wilson
11/15/22
Policy 2.8.1: MRSP Issue #257: Requiring CAs to follow Discussions on the CCADB Public List
All, This discussion thread relates to Issue #257 in the Mozilla PKI Policy repository on GitHub. The
unread,
Policy 2.8.1: MRSP Issue #257: Requiring CAs to follow Discussions on the CCADB Public List
All, This discussion thread relates to Issue #257 in the Mozilla PKI Policy repository on GitHub. The
11/15/22
Kathleen Wilson
, …
Rob Stradling
6
11/14/22
Creating 'CA Program' Bugzilla Product
These changes have been completed, and the existing bugs for the following components have been
unread,
Creating 'CA Program' Bugzilla Product
These changes have been completed, and the existing bugs for the following components have been
11/14/22
Kathleen Wilson
2
11/14/22
CCADB Update: Changing Audit Reminder Email Templates and Logic
These changes are in CCADB production, and the first audit reminders based on the new template/logic
unread,
CCADB Update: Changing Audit Reminder Email Templates and Logic
These changes are in CCADB production, and the first audit reminders based on the new template/logic
11/14/22
Ben Wilson
11/10/22
Updates for CCADB Public Discussion Process
All, I have edited some of the Mozilla wiki pages to clarify that public discussion of certificate
unread,
Updates for CCADB Public Discussion Process
All, I have edited some of the Mozilla wiki pages to clarify that public discussion of certificate
11/10/22
Tim Callan
,
Tim Callan
2
11/10/22
Apocryphal root program requirements
The CCADB Steering Committee has opened a new forum for public trust matters that affect Certificate
unread,
Apocryphal root program requirements
The CCADB Steering Committee has opened a new forum for public trust matters that affect Certificate
11/10/22
Kathleen Wilson
2
11/9/22
Announcing CCADB Public Group
All Primary POCs currently listed in the CCADB have been subscribed to the CCADB Public Group, and
unread,
Announcing CCADB Public Group
All Primary POCs currently listed in the CCADB have been subscribed to the CCADB Public Group, and
11/9/22