Transfer of QuoVadis to DigiCert

399 views
Skip to first unread message

Jeremy Rowley

unread,
Jan 15, 2019, 2:27:37 AM1/15/19
to mozilla-dev-s...@lists.mozilla.org
Hey all,

You may have seen that DigiCert is purchasing the QuoVadis PKI from WISeKey, including all public root operations. With the closing date drawing closer, I wanted to start the discussion and give the Mozilla community the notice required under Section 8 of the Mozilla CA policy.

Let me know what questions you have. I'll do my best to answer them, although many of the answers will likely have to wait until the official close date.

Jeremy

Wayne Thayer

unread,
Jan 15, 2019, 11:10:47 AM1/15/19
to Jeremy Rowley, mozilla-dev-s...@lists.mozilla.org
Thanks Jeremy.

To be clear, in this case Mozilla policy requires disclosure, but a public
discussion 'resolved with a positive conclusion' is not required because
DigiCert is already a member of our program.

The policy also requires notification of any resulting changes in the
QuoVadis CP or CPS. Jeremy, what CP/CPS changes do you anticipate making?
Will QuoVadis roots end up under the DigiCert CP/CPS?

- Wayne
> _______________________________________________
> dev-security-policy mailing list
> dev-secur...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>

Jeremy Rowley

unread,
Jan 16, 2019, 12:56:47 AM1/16/19
to Wayne Thayer, mozilla-dev-s...@lists.mozilla.org
Longer term, everything is being merged into the DigiCert CPS. For Symantec, this will happen during 2019. For Quovadis, I anticipate it’ll happen in either 2019 or 2020. When we merge the CPS docs depends on when we change the data center to be compliant with the DigiCert CPS. For the short term, we plan on operating Quovadis under its existing CPS and with its existing practices.

From: Wayne Thayer <wth...@mozilla.com>
Sent: Tuesday, January 15, 2019 9:10 AM
To: Jeremy Rowley <jeremy...@digicert.com>
Cc: mozilla-dev-s...@lists.mozilla.org
Subject: Re: Transfer of QuoVadis to DigiCert

Thanks Jeremy.

To be clear, in this case Mozilla policy requires disclosure, but a public discussion 'resolved with a positive conclusion' is not required because DigiCert is already a member of our program.

The policy also requires notification of any resulting changes in the QuoVadis CP or CPS. Jeremy, what CP/CPS changes do you anticipate making? Will QuoVadis roots end up under the DigiCert CP/CPS?

- Wayne

On Tue, Jan 15, 2019 at 12:27 AM Jeremy Rowley via dev-security-policy <dev-secur...@lists.mozilla.org<mailto:dev-secur...@lists.mozilla.org>> wrote:
Hey all,

You may have seen that DigiCert is purchasing the QuoVadis PKI from WISeKey, including all public root operations. With the closing date drawing closer, I wanted to start the discussion and give the Mozilla community the notice required under Section 8 of the Mozilla CA policy.

Let me know what questions you have. I'll do my best to answer them, although many of the answers will likely have to wait until the official close date.

Jeremy
_______________________________________________
dev-security-policy mailing list
dev-secur...@lists.mozilla.org<mailto:dev-secur...@lists.mozilla.org>
https://lists.mozilla.org/listinfo/dev-security-policy

westm...@gmail.com

unread,
Jan 17, 2019, 9:55:32 AM1/17/19
to mozilla-dev-s...@lists.mozilla.org
Hello,
Do you have planned to remove the QuoVadis Root certificates and use Digicert Root certificates for intermediate certs of QuoVadis or no?
Thanks.
Andrew (Russia)

Jeremy Rowley

unread,
Jan 17, 2019, 9:59:35 AM1/17/19
to mozilla-dev-s...@lists.mozilla.org, westm...@gmail.com

westm...@gmail.com

unread,
Jan 17, 2019, 10:03:31 AM1/17/19
to mozilla-dev-s...@lists.mozilla.org
"qwacs"? Sorry, what is it?

Ryan Sleevi

unread,
Jan 17, 2019, 10:06:52 AM1/17/19
to westm...@gmail.com, mozilla-dev-security-policy
Qualified Website Authentication Certificate -
https://en.wikipedia.org/wiki/Qualified_website_authentication_certificate

On Thu, Jan 17, 2019 at 10:03 AM westmail24--- via dev-security-policy <
dev-secur...@lists.mozilla.org> wrote:

> "qwacs"? Sorry, what is it?
> _______________________________________________
> dev-security-policy mailing list
> dev-secur...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>

Ramiro Muñoz

unread,
Jan 17, 2019, 1:05:12 PM1/17/19
to westm...@gmail.com, mozilla-dev-s...@lists.mozilla.org
Qualified Web Authentication Certificates (QWAC) under eIDAS European
regulation.
        
Ramiro Muñoz Muñoz
CTO & Regulatory Standards. CISA.
+34 619746291
ram...@camerfirma.com

-----Mensaje original-----
De: dev-security-policy
[mailto:dev-security-...@lists.mozilla.org] En nombre de
westmail24--- via dev-security-policy
Enviado el: jueves, 17 de enero de 2019 16:03
Para: mozilla-dev-s...@lists.mozilla.org
Asunto: Re: Transfer of QuoVadis to DigiCert

"qwacs"? Sorry, what is it?
_______________________________________________
dev-security-policy mailing list
dev-secur...@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
Reply all
Reply to author
Forward
0 new messages