On Sat, 23 Feb 2019 10:16:27 +0100 Kurt Roeckx via dev-security-policy <[email protected]> wrote: > I would also like to have a comment from the current root owner > (digicert?) on what they plan to do with it.
Two other things would be interesting from Digicert on this topic 1. To what extent does DarkMatter have practical ability to issue independently of Digicert? https://crt.sh/?caid=22507 It would be nice to know where this is on the spectrum of intermediate CAs, between the cPanel intermediate (all day-to-day operations presumably by Sectigo and nobody from cPanel has the associated RSA private keys) and Let's Encrypt X3 (all day-to-day operations by Let's Encrypt / ISRG and presumably nobody from IdenTrust has the associated RSA private keys) 2. Does Digicert agree that currently misissuances, even on seemingly minor technical issues like threadbare random serial numbers are their problem, since they are the root CA and ultimately responsible for this intermediate ? Nick. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
