Frank Hecker wrote:
I'm finally getting back to working on requests for CA for their root
certificates to be included in NSS/Mozilla. (Yes, I suck for leaving
this undone for so long; my apologies.)
The first one I'm working on is for StartCom Ltd., bug 289077:
https://bugzilla.mozilla.org/
Frank Hecker wrote:
I'm finally getting back to working on requests for CA for their root
certificates to be included in NSS/Mozilla. (Yes, I suck for leaving
this undone for so long; my apologies.)
The first one I'm working on is for StartCom Ltd., bug 289077:
https://bugzilla.mozilla.org/
Frank Hecker wrote:
I'm finally getting back to working on requests for CA for their root
certificates to be included in NSS/Mozilla. (Yes, I suck for leaving
this undone for so long; my apologies.)
The first one I'm working on is for StartCom Ltd., bug 289077:
https://bugzilla.mozilla.org/
[EMAIL PROTECTED] wrote:
> The revival of the "Class 1 cert discussion" shows a different issue:
> Further distinction based on the level of authentication is required.
Agreed - one solution would be if this wasn't a binary trusted/untrusted
setting.
My take on the situation is that StartCom ha
Hi David,
David E. Ross wrote:
>>> ... my checklist for CA audit
>> Is it published somewhere? It might be very interesting.
> No, it is not published. It is copyrighted.
I see, since, this document is not part of the Mozilla CA certificate
Policy or the decision process, there is no need to pub
[EMAIL PROTECTED] wrote:
Hi David,
On Mon, 01 May 2006 16:17:58 -0700 David E. Ross wrote:
Note that my checklist for CA audit (originally developed for reviewing CACert,
another free certificate authority) specifies
Is it published somewhere? I couldn't find it by searching the Web. It
migh
Hi David,
On Mon, 01 May 2006 16:17:58 -0700 David E. Ross wrote:
> Note that my checklist for CA audit (originally developed for reviewing
> CACert, another free certificate authority) specifies
Is it published somewhere? I couldn't find it by searching the Web. It
might be very interesting.
C
Hi,
On Mon, 01 May 2006 16:17:58 -0700 David E. Ross wrote:
> ... I would not trust any Class 1 subscriber certificate ...
On Mon, 01 May 2006 20:24:40 -0400 Frank Hecker wrote:
> ...Whether one agrees that it's sufficient or not, "class 1"
certificates ... As you'll recall,... the ultimate resul
On 1 May 2006 19:07:58 -0700, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> My intent was to address identifying the persons who are subscribers,
> well beyond merely verifying Web domains and E-mail addresses.
> According to the StartCom CP (Sect. 11.III.A), that level of
> verification is not
>
> My intent was to address identifying the persons who are subscribers,
> well beyond merely verifying Web domains and E-mail addresses.
> According to the StartCom CP (Sect. 11.III.A), that level of
> verification is not done for Class 1 subscriber certificates.
Nor should it be, class 1 certi
David E. Ross wrote:
For any class of certificate and for any certificate type (i.e., mail
authentication, Web site security, code-signing), I would expect two
levels of subscriber verification.
The first level would be to verify that the Web domain or E-mail address
for the subscriber's cert
Frank Hecker wrote:
I'm finally getting back to working on requests for CA for their root
certificates to be included in NSS/Mozilla. (Yes, I suck for leaving
this undone for so long; my apologies.)
The first one I'm working on is for StartCom Ltd., bug 289077:
https://bugzilla.mozilla.org/
I'm finally getting back to working on requests for CA for their root
certificates to be included in NSS/Mozilla. (Yes, I suck for leaving
this undone for so long; my apologies.)
The first one I'm working on is for StartCom Ltd., bug 289077:
https://bugzilla.mozilla.org/show_bug.cgi?id=28907
13 matches
Mail list logo
