The summary of the action items resulting from this first public
discussion is as follows.
The criteria by which the CA was audited needs to be clarified.
ComSign is requested to provide information about the audit criteria
or the CA certificate practice requirements as published by the
Ministry o
As per the CA Schedule at https://wiki.mozilla.org/CA:Schedule TC
TrustCenter is the next request in the queue for public discussion.
TC TrustCenter (a commercial company based in Germany, with customers
in all major regions of the world) has applied to add four root CA
certificates to the Mozilla
Certigna has applied to add one new root CA certificate to the Mozilla
root store. The first public discussion of this inclusion request can
be found here:
http://groups.google.com/group/mozilla.dev.tech.crypto/browse_thread/thread/1eb7ad475c762788#
Bug:
https://bugzilla.mozilla.org/show_bug.cgi
Microsec has applied to add one new root CA certificate to the Mozilla
root store. The first public discussion of this inclusion request can
be found here:
http://groups.google.com/group/mozilla.dev.tech.crypto/browse_thread/thread/416427a350db11a9#
Bug:
https://bugzilla.mozilla.org/show_bug.cgi
> There's a potential problematic practice here, which is "long time
> period between CRL issuance".
My understanding is that the update frequency of the CRLs is important
in regards to the end-entity certificates, not necessarily at the CA
level.
These URLs are the CRLs at the CA level, and thei
I apologize for the confusion. I was mentally mistaking the error code
e009 for fffe095.
In regards to the CRLS
http://fedir.comsign.co.il/crl/ComSignCA.crl
http://fedir.comsign.co.il/crl/ComSignSecuredCA.crl
I have just tried the two CRL’s again, and see that the error is
indeed e009 whi
To summarize this discussion, only one concern has been raised in
regards to this request. In particular, Hongkong Post issues both a
full CRL and a partitioned CRL. Currently Firefox handles full CRLs,
but not partitioned CRLs. The end-entity certs chaining up to this
root include a cRLDistributio
The summary of the action items resulting from this first public
discussion is as follows.
A publicly available document that is evaluated as part of the annual
audit needs to be provided, and it must include information that
satisfies section 7, parts a, b, and c of the Mozilla CA Certificate
Pol
The summary of the action items resulting from this first public
discussion is as follows.
A publicly available document that is evaluated as part of the annual
audit needs to be provided, and it must include information that
satisfies section 7, parts a, b, and c of the Mozilla CA Certificate
Pol
> As reported inhttps://bugzilla.mozilla.org/show_bug.cgi?id=408949#c27
> this CA uses partitioned CRLs with CRL IDP extensions marked critical.
> NSS does not handle partitioned CRLs at this time, and any CRLs with
> critical CRL IDP extensions are rejected due to the presence of
> unknown critica
Of course. I will await your next post to this discussion.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
As per the CA Schedule at https://wiki.mozilla.org/CA:Schedule
Hongkong Post is the next request in the queue for public discussion.
Hongkong Post (a national government CA under the law of Hong Kong
Special Administrative Region of China) has applied to add one new
root CA certificate to the Mozi
Certigna’s root inclusion request has been in public discussion for a
week now. No issues or concerns about this request have been raised.
According to https://wiki.mozilla.org/CA:How_to_apply
“If there are no open issues or action items after the first
discussion period, and there is general agre
As per the CA Schedule at https://wiki.mozilla.org/CA:Schedule
Certigna is the next request in the queue for public discussion.
Certigna (a French CA for the European market) has applied to add one
new root CA certificate to the Mozilla root store, as documented in
the following bug:
https://bugz
DCSSI’s root inclusion request has been in public discussion for a
week now. No issues or concerns about this request have been raised.
According to https://wiki.mozilla.org/CA:How_to_apply
“If there are no open issues or action items after the first
discussion period, and there is general agreeme
Frank has asked me to help with the public discussion phase for CA
requests. The CA Schedule at https://wiki.mozilla.org/CA:Schedule has
been changed into a queue. I will keep that page updated as requests
enter/complete discussion or complete the information gathering/
verification phase. DCSSI is
16 matches
Mail list logo
