Groups
Sign in
Groups
dev-security-policy@mozilla.org
Conversations
About
Send feedback
Help
dev-security-policy@mozilla.org
Contact owners and managers
1–30 of 241
Welcome to the dev-security-policy group in which we discuss security-related policies, governance, and related topics; including discussion of
Mozilla’s Root Store Policy
and the
NSS root certificate store
.
Mailing List:
dev-security-policy@mozilla.or
g
Web:
https://groups.google.com/a/mo
zilla.org/g/dev-security-polic
y
Subscribe by using the button "Ask to join group" and complete the box "Reason for joining".
Membership requests must provide context for your interest in joining the group. Requests without this information will be rejected.
Participation Guidelines:
https://www.mozilla.org/about/
governance/policies/participat
ion/
Participants:
https://wiki.mozilla.org/CA/Po
licy_Participants
Unsubscribe by sending email to:
dev-security-policy+unsubscrib
e@mozilla.org
Previous archives (2009-2021):
https://groups.google.com/g/mo
zilla.dev.security.policy
RSS feed:
https://www.mail-archive.com/d
ev-security-policy@mozilla.org
/maillist.xml
Mark all as read
Report group
0 selected
Ben Wilson
, …
Amir Omidi (aaomidi)
9
Apr 26
Public Discussion of Acquisition of e-commerce monitoring GmbH by AUSTRIA CARD-Plastikkarten und Ausweissysteme GmbH
Did you ever hear from them? On Tuesday, March 5, 2024 at 11:18:13 AM UTC-5 Ben Wilson wrote: All,
unread,
Public Discussion of Acquisition of e-commerce monitoring GmbH by AUSTRIA CARD-Plastikkarten und Ausweissysteme GmbH
Did you ever hear from them? On Tuesday, March 5, 2024 at 11:18:13 AM UTC-5 Ben Wilson wrote: All,
Apr 26
Wayne
Apr 24
CA Incident Transparency and Public Audits
Hello, I've been watching the Entrust saga of issues over the past month and keeping an eye on
unread,
CA Incident Transparency and Public Audits
Hello, I've been watching the Entrust saga of issues over the past month and keeping an eye on
Apr 24
Amir Omidi (aaomidi)
, …
David Adrian
4
Apr 22
Question about a random certificate I've found on CT
Thanks all! On Mon, Apr 22, 2024 at 7:05 AM 'David Adrian' via dev-security-policy@mozilla.
unread,
Question about a random certificate I've found on CT
Thanks all! On Mon, Apr 22, 2024 at 7:05 AM 'David Adrian' via dev-security-policy@mozilla.
Apr 22
Ben Wilson
Mar 25
Approval of Firmaprofesional CA Root-A Web
All, Public discussion regarding inclusion of the Firmaprofesional CA ROOT-A WEB began on the CCADB
unread,
Approval of Firmaprofesional CA Root-A Web
All, Public discussion regarding inclusion of the Firmaprofesional CA ROOT-A WEB began on the CCADB
Mar 25
Kathleen Wilson
, …
Marcel Levy
8
Mar 4
Retirement Announcement & Thank You!
Kathleen, Thank you for your work, and for creating a tool that's helped make the world a bit
unread,
Retirement Announcement & Thank You!
Kathleen, Thank you for your work, and for creating a tool that's helped make the world a bit
Mar 4
Suchan Seo
, …
Corey Bonnell
5
Feb 21
OCSP responde for serial number that exist but out of scope of OCSP reponder?
I agree with Aaron's assessment. In addition to the reasons from a compliance standpoint that
unread,
OCSP responde for serial number that exist but out of scope of OCSP reponder?
I agree with Aaron's assessment. In addition to the reasons from a compliance standpoint that
Feb 21
Kathleen Wilson
32
Feb 20
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of February 2024 Outdated Audit Statements for
unread,
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of February 2024 Outdated Audit Statements for
Feb 20
Kathleen Wilson
, …
Matthias van de Meent
39
Feb 20
Audit Reminder Email Summary - Root Certificates
-------- Forwarded Message -------- Subject: Summary of February 2024 Audit Reminder Emails Date: Tue
unread,
Audit Reminder Email Summary - Root Certificates
-------- Forwarded Message -------- Subject: Summary of February 2024 Audit Reminder Emails Date: Tue
Feb 20
Tavis Ormandy
, …
Corey Bonnell
17
Feb 15
BR revocation question
Hi Aaron, > A date no more than 12 months beyond thisUpdate. The acceptable validity intervals do
unread,
BR revocation question
Hi Aaron, > A date no more than 12 months beyond thisUpdate. The acceptable validity intervals do
Feb 15
Hanno Böck
, …
Tobias S. Josefowitz
3
Jan 18
Shared wildcard certificate in EV chargers
On Wed, Jan 17, 2024 at 3:51 PM Xiaohui Lam <inao...@gmail.com> wrote: > > This is a
unread,
Shared wildcard certificate in EV chargers
On Wed, Jan 17, 2024 at 3:51 PM Xiaohui Lam <inao...@gmail.com> wrote: > > This is a
Jan 18
Peter Mate Erdosi
,
Corey Bonnell
3
Jan 16
Compliance question about OCSP responder certificates
Thank you Corey, I found it! https://cabforum.org/2023/03/17/ballot-sc62v2-certificate-profiles-
unread,
Compliance question about OCSP responder certificates
Thank you Corey, I found it! https://cabforum.org/2023/03/17/ballot-sc62v2-certificate-profiles-
Jan 16
Jan Schaumann
, …
Matthew Hardeman
4
Jan 12
known bad certs blocklist
I also was going to point out that these are probably [at least] three different concepts: 1. There
unread,
known bad certs blocklist
I also was going to point out that these are probably [at least] three different concepts: 1. There
Jan 12
Ben Wilson
, …
Roman Fischer
7
Jan 4
Improvements to Vulnerability Disclosure wiki page
Thanks, Roman I have added "Email Address / Group Distribution List" as a clarification.
unread,
Improvements to Vulnerability Disclosure wiki page
Thanks, Roman I have added "Email Address / Group Distribution List" as a clarification.
Jan 4
Ben Wilson
Jan 3
Deutsche Telekom Security's Root Inclusion Request
All, Public discussion began on the CCADB Public List on Nov. 1, 2023 (https://groups.google.com/a/
unread,
Deutsche Telekom Security's Root Inclusion Request
All, Public discussion began on the CCADB Public List on Nov. 1, 2023 (https://groups.google.com/a/
Jan 3
Ben Wilson
2
Jan 2
S/MIME BR Transition Wiki Page
All, I am editing the S/MIME Baseline Requirements transition guidance wiki page (https://wiki.
unread,
S/MIME BR Transition Wiki Page
All, I am editing the S/MIME Baseline Requirements transition guidance wiki page (https://wiki.
Jan 2
Ben Wilson
12/19/23
D-Trust Inclusion Request (Email Trust Bit)
All, Public discussion concluded last Friday, Dec. 15, on the CCADB Public List, for D-Trust's
unread,
D-Trust Inclusion Request (Email Trust Bit)
All, Public discussion concluded last Friday, Dec. 15, on the CCADB Public List, for D-Trust's
12/19/23
Amir Omidi (aaomidi)
12/18/23
e-commerce monitoring GmbH and at what point does a CA get distrusted
Hi all, I am hoping to get some root program perspectives on this incident: https://bugzilla.mozilla.
unread,
e-commerce monitoring GmbH and at what point does a CA get distrusted
Hi all, I am hoping to get some root program perspectives on this incident: https://bugzilla.mozilla.
12/18/23
Phil Porada
, …
Dana Keeler
25
12/18/23
Let's Encrypt New Intermediate Certificates
Just a minor nit here, talking about "pinning roots" is a bit of an oxymoron because they
unread,
Let's Encrypt New Intermediate Certificates
Just a minor nit here, talking about "pinning roots" is a bit of an oxymoron because they
12/18/23
Aaron Gable
, …
Ryan Hurst
6
12/1/23
CP/CPS intra-document cross-references
Having read more, CP/CPS is in my life, and I cared to admit to it is my opinion that better to not
unread,
CP/CPS intra-document cross-references
Having read more, CP/CPS is in my life, and I cared to admit to it is my opinion that better to not
12/1/23
Ben Wilson
10/17/23
Updated Incident Reporting Requirements
All, The framework for reporting compliance incidents has been updated on the CCADB website. See
unread,
Updated Incident Reporting Requirements
All, The framework for reporting compliance incidents has been updated on the CCADB website. See
10/17/23
Ben Wilson
10/13/23
Intent to Approve Commscope's CA Inclusion Request
All, We recently concluded a 6-week public discussion on the CCADB list of the request for inclusion
unread,
Intent to Approve Commscope's CA Inclusion Request
All, We recently concluded a 6-week public discussion on the CCADB list of the request for inclusion
10/13/23
Ben Wilson
3
9/27/23
MRSP 2.9: Survey Results - August 2023 CA Communication and Survey
Here are summaries of questions and comments and our responses. Summary of Questions or Concerns
unread,
MRSP 2.9: Survey Results - August 2023 CA Communication and Survey
Here are summaries of questions and comments and our responses. Summary of Questions or Concerns
9/27/23
Kathleen Wilson
2
9/20/23
Ownership change for Mozilla CA Certificate Policy module
The module ownership has been updated. https://wiki.mozilla.org/Modules/All#Governance_Sub_Modules
unread,
Ownership change for Mozilla CA Certificate Policy module
The module ownership has been updated. https://wiki.mozilla.org/Modules/All#Governance_Sub_Modules
9/20/23
Ben Wilson
9/18/23
Blog Post About Mozilla Root Store Policy Version 2.9
All, Recently, I posted on the Mozilla Security Blog a brief overview of updates to the Mozilla Root
unread,
Blog Post About Mozilla Root Store Policy Version 2.9
All, Recently, I posted on the Mozilla Security Blog a brief overview of updates to the Mozilla Root
9/18/23
Ben Wilson
2
8/29/23
MRSP 2.9: Draft CA Communication and Survey
All, This August 2023 CA Communication and Survey was sent out to CAs already in our program last
unread,
MRSP 2.9: Draft CA Communication and Survey
All, This August 2023 CA Communication and Survey was sent out to CAs already in our program last
8/29/23
Tim Hollebeek
,
Aaron Poulsen
2
8/18/23
Mozilla Policy 2.9, section 3.1.4 and CCADB policy section 5.1
I do not feel this point it nitpicky. Externally-referenced documents increase the compliance burden
unread,
Mozilla Policy 2.9, section 3.1.4 and CCADB policy section 5.1
I do not feel this point it nitpicky. Externally-referenced documents increase the compliance burden
8/18/23
Ben Wilson
, …
Christophe Bonjean
8
8/18/23
MRSP 2.9: S/MIME BRs and Audits
All, The language decided upon for item 3 of MRSP section 1.1 (Scope of MRSP for end entity
unread,
MRSP 2.9: S/MIME BRs and Audits
All, The language decided upon for item 3 of MRSP section 1.1 (Scope of MRSP for end entity
8/18/23
Ben Wilson
2
8/18/23
MRSP 2.9: Issues 261, 263 and 267, Miscellaneous Clarifications and Corrections
All, I don't believe we received any comments or questions, and the proposed changes have been
unread,
MRSP 2.9: Issues 261, 263 and 267, Miscellaneous Clarifications and Corrections
All, I don't believe we received any comments or questions, and the proposed changes have been
8/18/23
Ben Wilson
2
8/18/23
MRSP 2.9: Issue #250: Clarify MRSP 5.3.2 to expressly include revoked CA certificates
All, Here is the currently proposed language for the first paragraph of MRSP section 5.3.2: The
unread,
MRSP 2.9: Issue #250: Clarify MRSP 5.3.2 to expressly include revoked CA certificates
All, Here is the currently proposed language for the first paragraph of MRSP section 5.3.2: The
8/18/23
Ben Wilson
,
Pedro Fuentes
5
8/18/23
MRSP 2.9: Issue #239: Audit Statement Content
All, In response to Tim Hollebeek's recent email on this topic (https://groups.google.com/a/
unread,
MRSP 2.9: Issue #239: Audit Statement Content
All, In response to Tim Hollebeek's recent email on this topic (https://groups.google.com/a/
8/18/23