Groups
Conversations
All groups and messages
Send feedback to Google
Help
Sign in
Groups
dev-security-policy@mozilla.org
Conversations
About
dev-security-policy@mozilla.org
1–30 of 131
Welcome to the dev-security-policy group in which we discuss security-related policies, governance, and related topics; including discussion of
Mozilla’s Root Store Policy
and the
NSS root certificate store
.
Mailing List:
dev-security-policy@mozilla.or
g
Web:
https://groups.google.com/a/mo
zilla.org/g/dev-security-polic
y
Subscribe by sending email to:
dev-security-policy+subscribe@
mozilla.org
Unsubscribe by sending email to:
dev-security-policy+unsubscrib
e@mozilla.org
Previous archives:
https://groups.google.com/g/mo
zilla.dev.security.policy
RSS feed:
https://www.mail-archive.com/
dev-security-policy@mozilla.
org/maillist.xml
Mark all as read
Report abusive group
0 selected
Jacob Hoffman-Andrews
,
Ben Wilson
4
Jun 24
Clarification on affiliationChanged revocation reason code
"Subject's Name" would refer to the Organization Name. We can clarify that more. On Fri
unread,
Clarification on affiliationChanged revocation reason code
"Subject's Name" would refer to the Organization Name. We can clarify that more. On Fri
Jun 24
Ben Wilson
, …
Jeremy Rowley
12
Jun 24
Draft May 2022 CA Communication and Survey
I disagree. Revocation is the industry standard for cutting off issuance capability. In addition,
unread,
Draft May 2022 CA Communication and Survey
I disagree. Revocation is the industry standard for cutting off issuance capability. In addition,
Jun 24
Jeffrey Walton
, …
Peter Gutmann
9
Jun 22
Malformed Trustwave certificates in Mozilla's ca cert collection
'Aaron Gable' via dev-security-policy@mozilla.org <dev-security-policy@mozilla.org>
unread,
Malformed Trustwave certificates in Mozilla's ca cert collection
'Aaron Gable' via dev-security-policy@mozilla.org <dev-security-policy@mozilla.org>
Jun 22
Ben Wilson
Jun 15
MRSP § 3.3 Clarification re: public archiving of CPs and CPSes
All, In response to CA operators' requests for clarifications on our new Mozilla Root Store
unread,
MRSP § 3.3 Clarification re: public archiving of CPs and CPSes
All, In response to CA operators' requests for clarifications on our new Mozilla Root Store
Jun 15
Kathleen Wilson
13
Jun 8
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of June 2022 Outdated Audit Statements for
unread,
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of June 2022 Outdated Audit Statements for
Jun 8
Ryan Dickson
Jun 8
Updates from the Chrome Root Program
[Posting on behalf of the Chrome Root Program with permission from Kathleen] Hello, Earlier this week
unread,
Updates from the Chrome Root Program
[Posting on behalf of the Chrome Root Program with permission from Kathleen] Hello, Earlier this week
Jun 8
Jacob Hoffman-Andrews
,
Kathleen Wilson
2
May 19
Revocation reasons - different requirements in MRSP vs Wiki
On Thursday, May 19, 2022 at 12:07:26 PM UTC-7 js...@letsencrypt.org wrote: Working on an update to
unread,
Revocation reasons - different requirements in MRSP vs Wiki
On Thursday, May 19, 2022 at 12:07:26 PM UTC-7 js...@letsencrypt.org wrote: Working on an update to
May 19
Kathleen Wilson
, …
Matthias van de Meent
18
May 17
Audit Reminder Email Summary - Root Certificates
------- Forwarded Message -------- Subject: Summary of May 2022 Audit Reminder Emails Date: Tue, 17
unread,
Audit Reminder Email Summary - Root Certificates
------- Forwarded Message -------- Subject: Summary of May 2022 Audit Reminder Emails Date: Tue, 17
May 17
Kathleen Wilson
May 16
Security Blog Post about Revocation Reason Codes for TLS Server Certificates
All, I published a Mozilla Security Blog Post about revocation reason codes for TLS server
unread,
Security Blog Post about Revocation Reason Codes for TLS Server Certificates
All, I published a Mozilla Security Blog Post about revocation reason codes for TLS server
May 16
Brittany Randall
, …
Ben Wilson
32
May 11
Public Discussion of GoDaddy cross-signing two Certainly Intermediate Certificates
All, Public discussion and the 7-day last-call period recently ended[1], and Certainly's request
unread,
Public Discussion of GoDaddy cross-signing two Certainly Intermediate Certificates
All, Public discussion and the 7-day last-call period recently ended[1], and Certainly's request
May 11
Pan K
,
Ben Wilson
3
May 10
Historical progession of CCADB intermediates
Thx Ben. I had not though of that. At least that gives me some snapshots On Tuesday, May 10, 2022 at
unread,
Historical progession of CCADB intermediates
Thx Ben. I had not though of that. At least that gives me some snapshots On Tuesday, May 10, 2022 at
May 10
Ben Wilson
Apr 29
Mozilla Root Store Policy v. 2.8 Now Published
Mozilla's Root Store Policy, v. 2.8, is now published: https://www.mozilla.org/en-US/about/
unread,
Mozilla Root Store Policy v. 2.8 Now Published
Mozilla's Root Store Policy, v. 2.8, is now published: https://www.mozilla.org/en-US/about/
Apr 29
Ben Wilson
, …
Ryan Sleevi
51
Apr 29
Policy 2.8: Final Review of MRSP v. 2.8
Ryan and Corey, If there are still issues, can we punt this into version 2.9? Version 2.8 has been
unread,
Policy 2.8: Final Review of MRSP v. 2.8
Ryan and Corey, If there are still issues, can we punt this into version 2.9? Version 2.8 has been
Apr 29
Ben Wilson
2
Apr 26
Public Discussion of Certainly's Root Inclusion Request
All, On April 3, 2022, we began a three-week public discussion[1] on the request from Certainly for
unread,
Public Discussion of Certainly's Root Inclusion Request
All, On April 3, 2022, we began a three-week public discussion[1] on the request from Certainly for
Apr 26
Ben Wilson
2
Apr 25
Public Discussion of e-Tuğra's Inclusion Request
All, On March 29, 2022, we began a three-week public discussion[1] on the request from e-Tuğra for
unread,
Public Discussion of e-Tuğra's Inclusion Request
All, On March 29, 2022, we began a three-week public discussion[1] on the request from e-Tuğra for
Apr 25
Kathleen Wilson
, …
Corey Bonnell
7
Apr 19
DRAFT wiki.mozilla.org/CA/Revocation_Reasons
Hi Kathleen, Thanks for making these changes; they look good and add clarity. Thanks, Corey From:
unread,
DRAFT wiki.mozilla.org/CA/Revocation_Reasons
Hi Kathleen, Thanks for making these changes; they look good and add clarity. Thanks, Corey From:
Apr 19
Ben Wilson
Apr 14
Policy 2.8: Draft April 2022 CA Communication Survey
All, Below is a draft survey about Mozilla Root Store Policy v. 2.8 that I will be sending through
unread,
Policy 2.8: Draft April 2022 CA Communication Survey
All, Below is a draft survey about Mozilla Root Store Policy v. 2.8 that I will be sending through
Apr 14
Michael Guenther
Apr 12
SwissSign: Change of Company Structure
This message is to inform the CA/B community of an upcoming change of the company structure of
unread,
SwissSign: Change of Company Structure
This message is to inform the CA/B community of an upcoming change of the company structure of
Apr 12
Andrea Holland
Apr 11
SecureTrust rebranding
Hello, The SecureTrust Certification Authority, which was purchased by Sysnet Global Solutions in
unread,
SecureTrust rebranding
Hello, The SecureTrust Certification Authority, which was purchased by Sysnet Global Solutions in
Apr 11
Ben Wilson
, …
Ryan Sleevi
5
Apr 7
DRAFT of New Policy and Process for Externally-operated Subordinate CAs
I think these look great Ben. Thanks for being flexible. On Thu, Apr 7, 2022 at 7:03 PM Ben Wilson
unread,
DRAFT of New Policy and Process for Externally-operated Subordinate CAs
I think these look great Ben. Thanks for being flexible. On Thu, Apr 7, 2022 at 7:03 PM Ben Wilson
Apr 7
Ben Wilson
, …
Ryan Sleevi
40
Apr 7
Policy 2.8: MRSP Issue #219: Require ETSI auditors to be ACAB-c members
All, Here is an edit I've made: https://github.com/BenWilson-Mozilla/pkipolicy/commit/
unread,
Policy 2.8: MRSP Issue #219: Require ETSI auditors to be ACAB-c members
All, Here is an edit I've made: https://github.com/BenWilson-Mozilla/pkipolicy/commit/
Apr 7
Yann Droneaud
,
Ryan Dickson
2
Apr 7
Chrome Root store updates
Hi Yann, Our team continues to make preparations to launch the Chrome Root Store later this year.
unread,
Chrome Root store updates
Hi Yann, Our team continues to make preparations to launch the Chrome Root Store later this year.
Apr 7
Andrew Ayer
, …
Paul van Brouwershaven
14
Apr 6
Introducing OCSP Watch to Monitor OCSP Responder Reliability
Hi Vijay, You might want to check RFC 6960 appendix A - OCSP over HTTP: An HTTP-based OCSP response
unread,
Introducing OCSP Watch to Monitor OCSP Responder Reliability
Hi Vijay, You might want to check RFC 6960 appendix A - OCSP over HTTP: An HTTP-based OCSP response
Apr 6
Ben Wilson
Apr 4
Policy 2.8: MRSP Issue #238: Clarify that CAs can generate their own keys
All, I intend to address a minor issue in this batch of changes for MRSP v. 2.8. Currently, section
unread,
Policy 2.8: MRSP Issue #238: Clarify that CAs can generate their own keys
All, I intend to address a minor issue in this batch of changes for MRSP v. 2.8. Currently, section
Apr 4
Ben Wilson
, …
Ryan Sleevi
18
Apr 4
Policy 2.8: MRSP Issue #185: Require publication of outdated CA policy documents
Here is an edit to address this - https://github.com/BenWilson-Mozilla/pkipolicy/commit/
unread,
Policy 2.8: MRSP Issue #185: Require publication of outdated CA policy documents
Here is an edit to address this - https://github.com/BenWilson-Mozilla/pkipolicy/commit/
Apr 4
Ben Wilson
, …
Ryan Sleevi
18
Mar 31
Public Discussion of DigiCert's Inclusion Request
On March 9, 2022, we began a three-week public discussion on DigiCert's request to include four
unread,
Public Discussion of DigiCert's Inclusion Request
On March 9, 2022, we began a three-week public discussion on DigiCert's request to include four
Mar 31
Ben Wilson
, …
Ryan Sleevi
4
Mar 28
Policy 2.8: MRSP Issue #227: Clarify Meaning of "CP/CPS"
On Fri, Mar 25, 2022 at 4:32 PM Ben Wilson <bwilson@mozilla.com> wrote: 1- Should item 2. be
unread,
Policy 2.8: MRSP Issue #227: Clarify Meaning of "CP/CPS"
On Fri, Mar 25, 2022 at 4:32 PM Ben Wilson <bwilson@mozilla.com> wrote: 1- Should item 2. be
Mar 28
Ben Wilson
, …
Ryan Sleevi
7
Mar 28
Prioritization of Root CA Inclusion Requests
All, I've re-ordered the factors to emphasize (prioritize) CAs that are proposing separate roots.
unread,
Prioritization of Root CA Inclusion Requests
All, I've re-ordered the factors to emphasize (prioritize) CAs that are proposing separate roots.
Mar 28
Ben Wilson
Mar 25
Policy 2.8: MRSP Issue #234: Add Policy about CRL Revocation Reason Codes
All, I've copied the work that Kathleen and others have done on adding CRL Revocation Reason Code
unread,
Policy 2.8: MRSP Issue #234: Add Policy about CRL Revocation Reason Codes
All, I've copied the work that Kathleen and others have done on adding CRL Revocation Reason Code
Mar 25
Kathleen Wilson
Mar 24
CCADB Update: Derived Trust Bits on Intermediate Cert Records
All, Some changes have happened in regards to how the "Derived Trust Bits" and "EV SSL
unread,
CCADB Update: Derived Trust Bits on Intermediate Cert Records
All, Some changes have happened in regards to how the "Derived Trust Bits" and "EV SSL
Mar 24