Groups
Conversations
All groups and messages
Send feedback to Google
Help
Sign in
Groups
dev-security-policy@mozilla.org
Conversations
About
dev-security-policy@mozilla.org
1–30 of 193
Welcome to the dev-security-policy group in which we discuss security-related policies, governance, and related topics; including discussion of
Mozilla’s Root Store Policy
and the
NSS root certificate store
.
Mailing List:
dev-security-policy@mozilla.or
g
Web:
https://groups.google.com/a/mo
zilla.org/g/dev-security-polic
y
Subscribe by using the button "Ask to join group" and complete the box "Reason for joining".
Membership requests must provide context for your interest in joining the group. Requests without this information will be rejected.
Participation Guidelines:
https://www.mozilla.org/about/
governance/policies/participat
ion/
Participants:
https://wiki.mozilla.org/CA/Po
licy_Participants
Unsubscribe by sending email to:
dev-security-policy+unsubscrib
e@mozilla.org
Previous archives (2009-2021):
https://groups.google.com/g/mo
zilla.dev.security.policy
RSS feed:
https://www.mail-archive.com/d
ev-security-policy@mozilla.org
/maillist.xml
Mark all as read
Report abusive group
0 selected
Ben Wilson
, …
Kathleen Wilson
30
Mar 16
Public Discussion re: Beijing CA (BJCA)
Thank you, Mark, for providing a great write-up to explain the situation more clearly! And thank you
unread,
Public Discussion re: Beijing CA (BJCA)
Thank you, Mark, for providing a great write-up to explain the situation more clearly! And thank you
Mar 16
Kathleen Wilson
, …
Moudrick M. Dadashov
47
Mar 15
DRAFT: Root Inclusion Considerations
Not only "business nexus to a country..." but also to CA's problematic shareholders.
unread,
DRAFT: Root Inclusion Considerations
Not only "business nexus to a country..." but also to CA's problematic shareholders.
Mar 15
Ian Carroll
, …
Ryan Hurst
16
Feb 28
Security concerns with the e-Tugra certificate authority
Kathleen, Thanks for the update it is appreciated. Ryan On Tue, Feb 28, 2023 at 10:59 AM Kathleen
unread,
Security concerns with the e-Tugra certificate authority
Kathleen, Thanks for the update it is appreciated. Ryan On Tue, Feb 28, 2023 at 10:59 AM Kathleen
Feb 28
Kathleen Wilson
20
Feb 21
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of February 2023 Outdated Audit Statements for
unread,
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of February 2023 Outdated Audit Statements for
Feb 21
Kathleen Wilson
, …
Matthias van de Meent
27
Feb 21
Audit Reminder Email Summary - Root Certificates
-------- Forwarded Message -------- Subject: Summary of February 2023 Audit Reminder Emails Date: Tue
unread,
Audit Reminder Email Summary - Root Certificates
-------- Forwarded Message -------- Subject: Summary of February 2023 Audit Reminder Emails Date: Tue
Feb 21
Ben Wilson
,
Kurt Seifried
5
Feb 6
CA Communication re: Mozilla Root Store Policy (MRSP) Version 2.8.1
The "P1-P5" in Bugzilla shows the current prioritization. The dashboard is located here -
unread,
CA Communication re: Mozilla Root Store Policy (MRSP) Version 2.8.1
The "P1-P5" in Bugzilla shows the current prioritization. The dashboard is located here -
Feb 6
Ben Wilson
, …
Aaron Gable
5
Jan 30
MRSP Policy v. 2.8.1 Finalization
Hi Ben, No objection to a Feb 15th date from me, everything here looks good. Aaron On Tue, Jan 24,
unread,
MRSP Policy v. 2.8.1 Finalization
Hi Ben, No objection to a Feb 15th date from me, everything here looks good. Aaron On Tue, Jan 24,
Jan 30
Ben Wilson
, …
Roman Fischer
29
Jan 25
Proposed Updates to MRSP to Address Root CA Life Cycles
All, I've posted this draft section 7.4 to the Mozilla wiki - https://wiki.mozilla.org/CA/
unread,
Proposed Updates to MRSP to Address Root CA Life Cycles
All, I've posted this draft section 7.4 to the Mozilla wiki - https://wiki.mozilla.org/CA/
Jan 25
Kathleen Wilson
, …
Jeffrey Walton
5
Jan 23
spammers on MDSP
On Mon, Jan 23, 2023 at 12:33 PM Ben Wilson <bwi...@mozilla.com> wrote: > >
unread,
spammers on MDSP
On Mon, Jan 23, 2023 at 12:33 PM Ben Wilson <bwi...@mozilla.com> wrote: > >
Jan 23
Ben Wilson
, …
Clint Wilson
14
Jan 23
Policy 2.8.1: MRSP Issue #256: Requirement that Partitioned CRLs include an Issuing Distribution Point extension
Hi Dimitris, The current expectation is described in the Apple Policy: Effective October 1, 2022, CA
unread,
Policy 2.8.1: MRSP Issue #256: Requirement that Partitioned CRLs include an Issuing Distribution Point extension
Hi Dimitris, The current expectation is described in the Apple Policy: Effective October 1, 2022, CA
Jan 23
Hanno Böck
, …
wael wael
7
Jan 13
key with suspicious pattern
في الخميس، 15 ديسمبر 2022 في تمام الساعة 11:37:27 م UTC+2، كتب Stephan Verbücheln رسالة نصها: You can
unread,
key with suspicious pattern
في الخميس، 15 ديسمبر 2022 في تمام الساعة 11:37:27 م UTC+2، كتب Stephan Verbücheln رسالة نصها: You can
Jan 13
Prof. Reardon
, …
Rachel McPherson
38
12/23/22
concerns about Trustcor
Serge, You guys found an (easily-explained) domain name, and then basically assumed the rest, and
unread,
concerns about Trustcor
Serge, You guys found an (easily-explained) domain name, and then basically assumed the rest, and
12/23/22
Ben Wilson
,
Kurt Seifried
5
12/22/22
Root Inclusion Completeness Checks
Currently, I am very busy working on the CCADB updates. Maybe I can provide something in January.
unread,
Root Inclusion Completeness Checks
Currently, I am very busy working on the CCADB updates. Maybe I can provide something in January.
12/22/22
Ben Wilson
, …
John Han (hanyuwei70)
4
12/16/22
Public Discussion of BJCA's CA inclusion request
Quickly reviewed their site, they are focused in digital signature, key management and crypto
unread,
Public Discussion of BJCA's CA inclusion request
Quickly reviewed their site, they are focused in digital signature, key management and crypto
12/16/22
Ben Wilson
,
Kurt Seifried
4
12/10/22
Discussion of SERPRO Inclusion Request on CCADB Public
I think the problem is that I look at statements like: The person conducting initial information
unread,
Discussion of SERPRO Inclusion Request on CCADB Public
I think the problem is that I look at statements like: The person conducting initial information
12/10/22
Ben Wilson
,
Corey Bonnell
2
12/8/22
Policy 2.8.1: MRSP Issue #251: Full CRL Publication Requirements
Hi Ben, I believe the proposed language would allow a CA to issue a certificate but not disclose any
unread,
Policy 2.8.1: MRSP Issue #251: Full CRL Publication Requirements
Hi Ben, I believe the proposed language would allow a CA to issue a certificate but not disclose any
12/8/22
Prof. Reardon
, …
Kurt Seifried
7
12/8/22
concerns about Princeton Audit Group's auditing status
Hello: I have gotten information back from WebTrust. A company that is no longer listed means that
unread,
concerns about Princeton Audit Group's auditing status
Hello: I have gotten information back from WebTrust. A company that is no longer listed means that
12/8/22
Ben Wilson
,
Corey Bonnell
2
12/7/22
Policy 2.8.1: MRSP Issue #253: CAs MUST specify BR 3.2.2.4 Methods
The proposed change to a MUST is a good one, as I understand that disclosing the BR method numbers of
unread,
Policy 2.8.1: MRSP Issue #253: CAs MUST specify BR 3.2.2.4 Methods
The proposed change to a MUST is a good one, as I understand that disclosing the BR method numbers of
12/7/22
Ben Wilson
2
12/6/22
Wiki Dashboards Down
All, The dashboards are up and running again. Thanks, Ben On Tue, Dec 6, 2022 at 2:21 PM Ben Wilson
unread,
Wiki Dashboards Down
All, The dashboards are up and running again. Thanks, Ben On Tue, Dec 6, 2022 at 2:21 PM Ben Wilson
12/6/22
Antonios Chariton
, …
passerby184
5
12/2/22
CAA Records for IP Certificates
if they didn't open RDNS clients wouldn't allowed to override it: although I would say
unread,
CAA Records for IP Certificates
if they didn't open RDNS clients wouldn't allowed to override it: although I would say
12/2/22
Ben Wilson
11/28/22
Changes to the Mozilla CA Inclusion Dashboard
All, I have posted a question to the CCADB Public List regarding changes to the Mozilla certificate
unread,
Changes to the Mozilla CA Inclusion Dashboard
All, I have posted a question to the CCADB Public List regarding changes to the Mozilla certificate
11/28/22
Ben Wilson
, …
Melis ŞİMŞEK
5
11/28/22
KamuSM request to Expand to .tr ccTLD
All, I am closing the public discussion phase regarding this request. I will be recommending approval
unread,
KamuSM request to Expand to .tr ccTLD
All, I am closing the public discussion phase regarding this request. I will be recommending approval
11/28/22
Ben Wilson
,
Aaron Poulsen
5
11/22/22
Policy 2.8.1: Candidate Issues to Address in MRSP v. 2.8.1
All, I might try to get these in place before the end of 2022, but I think it's unlikely. While
unread,
Policy 2.8.1: Candidate Issues to Address in MRSP v. 2.8.1
All, I might try to get these in place before the end of 2022, but I think it's unlikely. While
11/22/22
Ben Wilson
2
11/21/22
New whiteboard tags for incidents reported on Bugzilla
All, Also, to keep the discussion clean and simple, just post your suggestions and recommendations to
unread,
New whiteboard tags for incidents reported on Bugzilla
All, Also, to keep the discussion clean and simple, just post your suggestions and recommendations to
11/21/22
Ben Wilson
, …
Matthias van de Meent
7
11/18/22
Policy 2.8.1: MRSP Issue #249: Clarification re: all CPs and CPSes
Hi Matthias, Thanks for the clarification. So, I think the goal is (and the language might have to be
unread,
Policy 2.8.1: MRSP Issue #249: Clarification re: all CPs and CPSes
Hi Matthias, Thanks for the clarification. So, I think the goal is (and the language might have to be
11/18/22
Ben Wilson
, …
Ryan Dickson
10
11/17/22
Policy 2.8.1: MRSP Issue #243: Update periods for CPs and CPSes
Hi Rufus, A CA's CP represents commitments by its owners regarding minimum expectations related
unread,
Policy 2.8.1: MRSP Issue #243: Update periods for CPs and CPSes
Hi Rufus, A CA's CP represents commitments by its owners regarding minimum expectations related
11/17/22
Ben Wilson
11/15/22
Policy 2.8.1: MRSP Issue #257: Requiring CAs to follow Discussions on the CCADB Public List
All, This discussion thread relates to Issue #257 in the Mozilla PKI Policy repository on GitHub. The
unread,
Policy 2.8.1: MRSP Issue #257: Requiring CAs to follow Discussions on the CCADB Public List
All, This discussion thread relates to Issue #257 in the Mozilla PKI Policy repository on GitHub. The
11/15/22
Kathleen Wilson
, …
Rob Stradling
6
11/14/22
Creating 'CA Program' Bugzilla Product
These changes have been completed, and the existing bugs for the following components have been
unread,
Creating 'CA Program' Bugzilla Product
These changes have been completed, and the existing bugs for the following components have been
11/14/22
Kathleen Wilson
2
11/14/22
CCADB Update: Changing Audit Reminder Email Templates and Logic
These changes are in CCADB production, and the first audit reminders based on the new template/logic
unread,
CCADB Update: Changing Audit Reminder Email Templates and Logic
These changes are in CCADB production, and the first audit reminders based on the new template/logic
11/14/22
Ben Wilson
11/10/22
Updates for CCADB Public Discussion Process
All, I have edited some of the Mozilla wiki pages to clarify that public discussion of certificate
unread,
Updates for CCADB Public Discussion Process
All, I have edited some of the Mozilla wiki pages to clarify that public discussion of certificate
11/10/22