Groups
Conversations
All groups and messages
Send feedback to Google
Help
Training
Sign in
Groups
dev-security-policy@mozilla.org
Conversations
About
dev-security-policy@mozilla.org
Contact owners and managers
1–30 of 230
Welcome to the dev-security-policy group in which we discuss security-related policies, governance, and related topics; including discussion of
Mozilla’s Root Store Policy
and the
NSS root certificate store
.
Mailing List:
dev-security-policy@mozilla.or
g
Web:
https://groups.google.com/a/mo
zilla.org/g/dev-security-polic
y
Subscribe by using the button "Ask to join group" and complete the box "Reason for joining".
Membership requests must provide context for your interest in joining the group. Requests without this information will be rejected.
Participation Guidelines:
https://www.mozilla.org/about/
governance/policies/participat
ion/
Participants:
https://wiki.mozilla.org/CA/Po
licy_Participants
Unsubscribe by sending email to:
dev-security-policy+unsubscrib
e@mozilla.org
Previous archives (2009-2021):
https://groups.google.com/g/mo
zilla.dev.security.policy
RSS feed:
https://www.mail-archive.com/d
ev-security-policy@mozilla.org
/maillist.xml
Mark all as read
Report abusive group
0 selected
Phil Porada
, …
Antonios Chariton
19
6:13 PM
Let's Encrypt New Intermediate Certificates
Hello everyone, I'd also like to jump in the conversation and say that I believe Let's
unread,
Let's Encrypt New Intermediate Certificates
Hello everyone, I'd also like to jump in the conversation and say that I believe Let's
6:13 PM
Hanno Böck
Dec 4
Shared wildcard certificate in EV chargers
Hello, I wanted to share an incident with shared certificates and keys on EV charger devices. I
unread,
Shared wildcard certificate in EV chargers
Hello, I wanted to share an incident with shared certificates and keys on EV charger devices. I
Dec 4
Aaron Gable
, …
Ryan Hurst
6
Dec 1
CP/CPS intra-document cross-references
Having read more, CP/CPS is in my life, and I cared to admit to it is my opinion that better to not
unread,
CP/CPS intra-document cross-references
Having read more, CP/CPS is in my life, and I cared to admit to it is my opinion that better to not
Dec 1
Ben Wilson
, …
Roman Fischer
6
Nov 23
Improvements to Vulnerability Disclosure wiki page
Dear Ben, Thanks for the effort you put into this and especially to align the markdown template to
unread,
Improvements to Vulnerability Disclosure wiki page
Dear Ben, Thanks for the effort you put into this and especially to align the markdown template to
Nov 23
Kathleen Wilson
29
Nov 21
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of November 2023 Outdated Audit Statements for
unread,
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of November 2023 Outdated Audit Statements for
Nov 21
Kathleen Wilson
, …
Matthias van de Meent
36
Nov 21
Audit Reminder Email Summary - Root Certificates
-------- Forwarded Message -------- Subject: Summary of November 2023 Audit Reminder Emails Date: Tue
unread,
Audit Reminder Email Summary - Root Certificates
-------- Forwarded Message -------- Subject: Summary of November 2023 Audit Reminder Emails Date: Tue
Nov 21
Ben Wilson
Oct 17
Updated Incident Reporting Requirements
All, The framework for reporting compliance incidents has been updated on the CCADB website. See
unread,
Updated Incident Reporting Requirements
All, The framework for reporting compliance incidents has been updated on the CCADB website. See
Oct 17
Ben Wilson
Oct 13
Intent to Approve Commscope's CA Inclusion Request
All, We recently concluded a 6-week public discussion on the CCADB list of the request for inclusion
unread,
Intent to Approve Commscope's CA Inclusion Request
All, We recently concluded a 6-week public discussion on the CCADB list of the request for inclusion
Oct 13
Ben Wilson
3
Sep 27
MRSP 2.9: Survey Results - August 2023 CA Communication and Survey
Here are summaries of questions and comments and our responses. Summary of Questions or Concerns
unread,
MRSP 2.9: Survey Results - August 2023 CA Communication and Survey
Here are summaries of questions and comments and our responses. Summary of Questions or Concerns
Sep 27
Kathleen Wilson
2
Sep 20
Ownership change for Mozilla CA Certificate Policy module
The module ownership has been updated. https://wiki.mozilla.org/Modules/All#Governance_Sub_Modules
unread,
Ownership change for Mozilla CA Certificate Policy module
The module ownership has been updated. https://wiki.mozilla.org/Modules/All#Governance_Sub_Modules
Sep 20
Ben Wilson
Sep 18
Blog Post About Mozilla Root Store Policy Version 2.9
All, Recently, I posted on the Mozilla Security Blog a brief overview of updates to the Mozilla Root
unread,
Blog Post About Mozilla Root Store Policy Version 2.9
All, Recently, I posted on the Mozilla Security Blog a brief overview of updates to the Mozilla Root
Sep 18
Ben Wilson
2
Aug 29
MRSP 2.9: Draft CA Communication and Survey
All, This August 2023 CA Communication and Survey was sent out to CAs already in our program last
unread,
MRSP 2.9: Draft CA Communication and Survey
All, This August 2023 CA Communication and Survey was sent out to CAs already in our program last
Aug 29
Tim Hollebeek
,
Aaron Poulsen
2
Aug 18
Mozilla Policy 2.9, section 3.1.4 and CCADB policy section 5.1
I do not feel this point it nitpicky. Externally-referenced documents increase the compliance burden
unread,
Mozilla Policy 2.9, section 3.1.4 and CCADB policy section 5.1
I do not feel this point it nitpicky. Externally-referenced documents increase the compliance burden
Aug 18
Ben Wilson
, …
Christophe Bonjean
8
Aug 18
MRSP 2.9: S/MIME BRs and Audits
All, The language decided upon for item 3 of MRSP section 1.1 (Scope of MRSP for end entity
unread,
MRSP 2.9: S/MIME BRs and Audits
All, The language decided upon for item 3 of MRSP section 1.1 (Scope of MRSP for end entity
Aug 18
Ben Wilson
2
Aug 18
MRSP 2.9: Issues 261, 263 and 267, Miscellaneous Clarifications and Corrections
All, I don't believe we received any comments or questions, and the proposed changes have been
unread,
MRSP 2.9: Issues 261, 263 and 267, Miscellaneous Clarifications and Corrections
All, I don't believe we received any comments or questions, and the proposed changes have been
Aug 18
Ben Wilson
2
Aug 18
MRSP 2.9: Issue #250: Clarify MRSP 5.3.2 to expressly include revoked CA certificates
All, Here is the currently proposed language for the first paragraph of MRSP section 5.3.2: The
unread,
MRSP 2.9: Issue #250: Clarify MRSP 5.3.2 to expressly include revoked CA certificates
All, Here is the currently proposed language for the first paragraph of MRSP section 5.3.2: The
Aug 18
Ben Wilson
,
Pedro Fuentes
5
Aug 18
MRSP 2.9: Issue #239: Audit Statement Content
All, In response to Tim Hollebeek's recent email on this topic (https://groups.google.com/a/
unread,
MRSP 2.9: Issue #239: Audit Statement Content
All, In response to Tim Hollebeek's recent email on this topic (https://groups.google.com/a/
Aug 18
Ben Wilson
2
Aug 18
MRSP 2.9: Issue #254: Harmonize CRL Reason Codes with CA/B Forum Revocation Reasons
All, Here are those changes as proposed in the previous email on this topic. https://github.com/
unread,
MRSP 2.9: Issue #254: Harmonize CRL Reason Codes with CA/B Forum Revocation Reasons
All, Here are those changes as proposed in the previous email on this topic. https://github.com/
Aug 18
Ben Wilson
Aug 17
TrustAsia CA Root Inclusion Request
All, Public discussion concluded yesterday, August 16th, on the CCADB Public List, for
unread,
TrustAsia CA Root Inclusion Request
All, Public discussion concluded yesterday, August 16th, on the CCADB Public List, for
Aug 17
Phil Porada
, …
Corey Bonnell
10
Aug 9
Unrestricted cross-signed Subordinate CA profile questions
The existence of this end-run around the system is why the current version of the BRs says "
unread,
Unrestricted cross-signed Subordinate CA profile questions
The existence of this end-run around the system is why the current version of the BRs says "
Aug 9
Ben Wilson
2
Aug 9
MRSP 2.9: Final Review of MRSP 2.9
All, Over the past couple of weeks (after my previous email on July 27), I have made additional
unread,
MRSP 2.9: Final Review of MRSP 2.9
All, Over the past couple of weeks (after my previous email on July 27), I have made additional
Aug 9
Watson Ladd
, …
Rob Stradling
14
Aug 3
Minimum issuance volume for established CAs?
> Why is this compression scheme likely to take off when there was no interest in pursuing my
unread,
Minimum issuance volume for established CAs?
> Why is this compression scheme likely to take off when there was no interest in pursuing my
Aug 3
Seo Suchan
,
Corey Bonnell
2
Jul 31
delegated additional domain validation lookup
Hi Seo, A CA must fulfill its obligation to perform domain validation as defined in BR 3.2.2.4 using
unread,
delegated additional domain validation lookup
Hi Seo, A CA must fulfill its obligation to perform domain validation as defined in BR 3.2.2.4 using
Jul 31
Ben Wilson
2
Jul 28
MRSP 2.9: S/MIME BRs Transition Timeline
Greetings again, This has been posted on our CA wiki page of transition instructions related to CA
unread,
MRSP 2.9: S/MIME BRs Transition Timeline
Greetings again, This has been posted on our CA wiki page of transition instructions related to CA
Jul 28
Ben Wilson
, …
Pedro Fuentes
14
Jul 28
MRSP 2.9: Issue #123: Annual Compliance Self-Assessment
Hello. OK. I see your point. I was thinking on the end date of the audit report that was uploaded.
unread,
MRSP 2.9: Issue #123: Annual Compliance Self-Assessment
Hello. OK. I see your point. I was thinking on the end date of the audit report that was uploaded.
Jul 28
Ben Wilson
, …
Roman Fischer
4
Jul 26
MRSP 2.9: Issues #252 and #266 - Incident Reporting
All, We have created a draft wiki page to explain vulnerability disclosure being proposed for v. 2.9
unread,
MRSP 2.9: Issues #252 and #266 - Incident Reporting
All, We have created a draft wiki page to explain vulnerability disclosure being proposed for v. 2.9
Jul 26
Ben Wilson
,
Rob Stradling
3
Jul 26
MRSP 2.9: Issue#232: Root CA Lifecycles
Thanks, Rob. I'll change it to a strong SHOULD. Ben On Wed, Jul 26, 2023 at 10:09 AM Rob
unread,
MRSP 2.9: Issue#232: Root CA Lifecycles
Thanks, Rob. I'll change it to a strong SHOULD. Ben On Wed, Jul 26, 2023 at 10:09 AM Rob
Jul 26
Ben Wilson
Jul 19
S/MIME BR Transition Wiki Page
All, I have created a wiki page (https://wiki.mozilla.org/CA/Transition_SMIME_BRs) to address
unread,
S/MIME BR Transition Wiki Page
All, I have created a wiki page (https://wiki.mozilla.org/CA/Transition_SMIME_BRs) to address
Jul 19
Ben Wilson
, …
Cynthia Revström
10
Jul 14
Review of e-Tugra's Inclusion in Mozilla’s Root Store
Hi Israr, First of all, I do not represent Mozilla in any way but I want to clarify that the decision
unread,
Review of e-Tugra's Inclusion in Mozilla’s Root Store
Hi Israr, First of all, I do not represent Mozilla in any way but I want to clarify that the decision
Jul 14
John Han (hanyuwei70)
, …
Jesper Kristensen
52
Jun 27
RCE used by Intermediate CA to issue certificates.
Den man. 19. jun. 2023 kl. 21.24 skrev Thomas Zermeno <madca...@gmail.com>: This is to
unread,
RCE used by Intermediate CA to issue certificates.
Den man. 19. jun. 2023 kl. 21.24 skrev Thomas Zermeno <madca...@gmail.com>: This is to
Jun 27