Groups
Sign in
Groups
dev-security-policy@mozilla.org
Conversations
About
Send feedback
Help
dev-security-policy@mozilla.org
Contact owners and managers
1–30 of 245
Welcome to the dev-security-policy group in which we discuss security-related policies, governance, and related topics; including discussion of
Mozilla’s Root Store Policy
and the
NSS root certificate store
.
Mailing List:
dev-security-policy@mozilla.or
g
Web:
https://groups.google.com/a/mo
zilla.org/g/dev-security-polic
y
Subscribe by using the button "Ask to join group" and complete the box "Reason for joining".
Membership requests must provide context for your interest in joining the group. Requests without this information will be rejected.
Participation Guidelines:
https://www.mozilla.org/about/
governance/policies/participat
ion/
Participants:
https://wiki.mozilla.org/CA/Po
licy_Participants
Unsubscribe by sending email to:
dev-security-policy+unsubscrib
e@mozilla.org
Previous archives (2009-2021):
https://groups.google.com/g/mo
zilla.dev.security.policy
RSS feed:
https://www.mail-archive.com/d
ev-security-policy@mozilla.org
/maillist.xml
Mark all as read
Report group
0 selected
Ben Wilson
, …
Wayne
7
May 11
Recent Entrust Compliance Incidents
I can't speak for everyone but in an issue of public trust asking for private feedback and
unread,
Recent Entrust Compliance Incidents
I can't speak for everyone but in an issue of public trust asking for private feedback and
May 11
Ben Wilson
, …
Amir Omidi (aaomidi)
18
May 7
Public Discussion of Acquisition of e-commerce monitoring GmbH by AUSTRIA CARD-Plastikkarten und Ausweissysteme GmbH
I just wanted to point out that e-commerce's communication is still very-very delayed: https://
unread,
Public Discussion of Acquisition of e-commerce monitoring GmbH by AUSTRIA CARD-Plastikkarten und Ausweissysteme GmbH
I just wanted to point out that e-commerce's communication is still very-very delayed: https://
May 7
Mike Shaver
,
Ben Wilson
2
May 6
comment on Entrust_Issues wiki page
All, I hadn't announced this page yet, hoping to reference it in an email currently undergoing
unread,
comment on Entrust_Issues wiki page
All, I hadn't announced this page yet, hoping to reference it in an email currently undergoing
May 6
Felix Linker
,
Andrew Ayer
3
May 3
CT Log Inclusion check: get-entry-and-proof unexpectedly returns "Not found"
Thanks for the pointer, Andrew! Best, Felix On 3 May 2024, at 00:29, Andrew Ayer <agwa@andrewayer.
unread,
CT Log Inclusion check: get-entry-and-proof unexpectedly returns "Not found"
Thanks for the pointer, Andrew! Best, Felix On 3 May 2024, at 00:29, Andrew Ayer <agwa@andrewayer.
May 3
Mike Shaver
, …
Andrew Ayer
5
May 2
evaluation of aggregate behaviour for CAs
Oh, I feel dumb for not searching the old Google group, considering that I used to subscribe to it.
unread,
evaluation of aggregate behaviour for CAs
Oh, I feel dumb for not searching the old Google group, considering that I used to subscribe to it.
May 2
Wayne
,
Mike Shaver
3
Apr 27
CA Incident Transparency and Public Audits
Thanks, Wayne. I think this sort of analysis is quite valuable for constructing a reliable history of
unread,
CA Incident Transparency and Public Audits
Thanks, Wayne. I think this sort of analysis is quite valuable for constructing a reliable history of
Apr 27
Amir Omidi (aaomidi)
, …
David Adrian
4
Apr 22
Question about a random certificate I've found on CT
Thanks all! On Mon, Apr 22, 2024 at 7:05 AM 'David Adrian' via dev-security-policy@mozilla.
unread,
Question about a random certificate I've found on CT
Thanks all! On Mon, Apr 22, 2024 at 7:05 AM 'David Adrian' via dev-security-policy@mozilla.
Apr 22
Ben Wilson
Mar 25
Approval of Firmaprofesional CA Root-A Web
All, Public discussion regarding inclusion of the Firmaprofesional CA ROOT-A WEB began on the CCADB
unread,
Approval of Firmaprofesional CA Root-A Web
All, Public discussion regarding inclusion of the Firmaprofesional CA ROOT-A WEB began on the CCADB
Mar 25
Kathleen Wilson
, …
Marcel Levy
8
Mar 4
Retirement Announcement & Thank You!
Kathleen, Thank you for your work, and for creating a tool that's helped make the world a bit
unread,
Retirement Announcement & Thank You!
Kathleen, Thank you for your work, and for creating a tool that's helped make the world a bit
Mar 4
Suchan Seo
, …
Corey Bonnell
5
Feb 21
OCSP responde for serial number that exist but out of scope of OCSP reponder?
I agree with Aaron's assessment. In addition to the reasons from a compliance standpoint that
unread,
OCSP responde for serial number that exist but out of scope of OCSP reponder?
I agree with Aaron's assessment. In addition to the reasons from a compliance standpoint that
Feb 21
Kathleen Wilson
32
Feb 20
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of February 2024 Outdated Audit Statements for
unread,
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of February 2024 Outdated Audit Statements for
Feb 20
Kathleen Wilson
, …
Matthias van de Meent
39
Feb 20
Audit Reminder Email Summary - Root Certificates
-------- Forwarded Message -------- Subject: Summary of February 2024 Audit Reminder Emails Date: Tue
unread,
Audit Reminder Email Summary - Root Certificates
-------- Forwarded Message -------- Subject: Summary of February 2024 Audit Reminder Emails Date: Tue
Feb 20
Tavis Ormandy
, …
Corey Bonnell
17
Feb 15
BR revocation question
Hi Aaron, > A date no more than 12 months beyond thisUpdate. The acceptable validity intervals do
unread,
BR revocation question
Hi Aaron, > A date no more than 12 months beyond thisUpdate. The acceptable validity intervals do
Feb 15
Hanno Böck
, …
Tobias S. Josefowitz
3
Jan 18
Shared wildcard certificate in EV chargers
On Wed, Jan 17, 2024 at 3:51 PM Xiaohui Lam <inao...@gmail.com> wrote: > > This is a
unread,
Shared wildcard certificate in EV chargers
On Wed, Jan 17, 2024 at 3:51 PM Xiaohui Lam <inao...@gmail.com> wrote: > > This is a
Jan 18
Peter Mate Erdosi
,
Corey Bonnell
3
Jan 16
Compliance question about OCSP responder certificates
Thank you Corey, I found it! https://cabforum.org/2023/03/17/ballot-sc62v2-certificate-profiles-
unread,
Compliance question about OCSP responder certificates
Thank you Corey, I found it! https://cabforum.org/2023/03/17/ballot-sc62v2-certificate-profiles-
Jan 16
Jan Schaumann
, …
Matthew Hardeman
4
Jan 12
known bad certs blocklist
I also was going to point out that these are probably [at least] three different concepts: 1. There
unread,
known bad certs blocklist
I also was going to point out that these are probably [at least] three different concepts: 1. There
Jan 12
Ben Wilson
, …
Roman Fischer
7
Jan 4
Improvements to Vulnerability Disclosure wiki page
Thanks, Roman I have added "Email Address / Group Distribution List" as a clarification.
unread,
Improvements to Vulnerability Disclosure wiki page
Thanks, Roman I have added "Email Address / Group Distribution List" as a clarification.
Jan 4
Ben Wilson
Jan 3
Deutsche Telekom Security's Root Inclusion Request
All, Public discussion began on the CCADB Public List on Nov. 1, 2023 (https://groups.google.com/a/
unread,
Deutsche Telekom Security's Root Inclusion Request
All, Public discussion began on the CCADB Public List on Nov. 1, 2023 (https://groups.google.com/a/
Jan 3
Ben Wilson
2
Jan 2
S/MIME BR Transition Wiki Page
All, I am editing the S/MIME Baseline Requirements transition guidance wiki page (https://wiki.
unread,
S/MIME BR Transition Wiki Page
All, I am editing the S/MIME Baseline Requirements transition guidance wiki page (https://wiki.
Jan 2
Ben Wilson
12/19/23
D-Trust Inclusion Request (Email Trust Bit)
All, Public discussion concluded last Friday, Dec. 15, on the CCADB Public List, for D-Trust's
unread,
D-Trust Inclusion Request (Email Trust Bit)
All, Public discussion concluded last Friday, Dec. 15, on the CCADB Public List, for D-Trust's
12/19/23
Amir Omidi (aaomidi)
12/18/23
e-commerce monitoring GmbH and at what point does a CA get distrusted
Hi all, I am hoping to get some root program perspectives on this incident: https://bugzilla.mozilla.
unread,
e-commerce monitoring GmbH and at what point does a CA get distrusted
Hi all, I am hoping to get some root program perspectives on this incident: https://bugzilla.mozilla.
12/18/23
Phil Porada
, …
Dana Keeler
25
12/18/23
Let's Encrypt New Intermediate Certificates
Just a minor nit here, talking about "pinning roots" is a bit of an oxymoron because they
unread,
Let's Encrypt New Intermediate Certificates
Just a minor nit here, talking about "pinning roots" is a bit of an oxymoron because they
12/18/23
Aaron Gable
, …
Ryan Hurst
6
12/1/23
CP/CPS intra-document cross-references
Having read more, CP/CPS is in my life, and I cared to admit to it is my opinion that better to not
unread,
CP/CPS intra-document cross-references
Having read more, CP/CPS is in my life, and I cared to admit to it is my opinion that better to not
12/1/23
Ben Wilson
10/17/23
Updated Incident Reporting Requirements
All, The framework for reporting compliance incidents has been updated on the CCADB website. See
unread,
Updated Incident Reporting Requirements
All, The framework for reporting compliance incidents has been updated on the CCADB website. See
10/17/23
Ben Wilson
10/13/23
Intent to Approve Commscope's CA Inclusion Request
All, We recently concluded a 6-week public discussion on the CCADB list of the request for inclusion
unread,
Intent to Approve Commscope's CA Inclusion Request
All, We recently concluded a 6-week public discussion on the CCADB list of the request for inclusion
10/13/23
Ben Wilson
3
9/27/23
MRSP 2.9: Survey Results - August 2023 CA Communication and Survey
Here are summaries of questions and comments and our responses. Summary of Questions or Concerns
unread,
MRSP 2.9: Survey Results - August 2023 CA Communication and Survey
Here are summaries of questions and comments and our responses. Summary of Questions or Concerns
9/27/23
Kathleen Wilson
2
9/20/23
Ownership change for Mozilla CA Certificate Policy module
The module ownership has been updated. https://wiki.mozilla.org/Modules/All#Governance_Sub_Modules
unread,
Ownership change for Mozilla CA Certificate Policy module
The module ownership has been updated. https://wiki.mozilla.org/Modules/All#Governance_Sub_Modules
9/20/23
Ben Wilson
9/18/23
Blog Post About Mozilla Root Store Policy Version 2.9
All, Recently, I posted on the Mozilla Security Blog a brief overview of updates to the Mozilla Root
unread,
Blog Post About Mozilla Root Store Policy Version 2.9
All, Recently, I posted on the Mozilla Security Blog a brief overview of updates to the Mozilla Root
9/18/23
Ben Wilson
2
8/29/23
MRSP 2.9: Draft CA Communication and Survey
All, This August 2023 CA Communication and Survey was sent out to CAs already in our program last
unread,
MRSP 2.9: Draft CA Communication and Survey
All, This August 2023 CA Communication and Survey was sent out to CAs already in our program last
8/29/23
Tim Hollebeek
,
Aaron Poulsen
2
8/18/23
Mozilla Policy 2.9, section 3.1.4 and CCADB policy section 5.1
I do not feel this point it nitpicky. Externally-referenced documents increase the compliance burden
unread,
Mozilla Policy 2.9, section 3.1.4 and CCADB policy section 5.1
I do not feel this point it nitpicky. Externally-referenced documents increase the compliance burden
8/18/23