Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

mozilla.dev.security.policy

Contact owners and managers

1–30 of 1830

0 selected

Kathleen Wilson2

4/1/21

MOVING mozilla.dev.security.policy to dev-security-policy in Mozilla’s Google Workspace (formerly GSuite)

All, I posted the first message to the new group, with subject "WELCOME to dev-security-policy

unread,

MOVING mozilla.dev.security.policy to dev-security-policy in Mozilla’s Google Workspace (formerly GSuite)

All, I posted the first message to the new group, with subject "WELCOME to dev-security-policy

4/1/21

Ben Wilson, … Pablo Díaz10

4/1/21

Public Discussion re: Inclusion of the ANF Secure Server Root CA

On March 10, 2021, we began the public discussion period [Step 4 of the Mozilla Root Store CA

unread,

Public Discussion re: Inclusion of the ANF Secure Server Root CA

On March 10, 2021, we began the public discussion period [Step 4 of the Mozilla Root Store CA

4/1/21

Ben Wilson, … Ryan Sleevi43

3/31/21

Summary of Camerfirma's Compliance Issues

(Writing in a Google capacity) In [1], we removed support in Camerfirma certificates, as previously

unread,

Summary of Camerfirma's Compliance Issues

(Writing in a Google capacity) In [1], we removed support in Camerfirma certificates, as previously

3/31/21

3/30/21

Mozilla Root Store Policy MRSP 2.7.1 Update

All, Version 2.7.1 of the Mozilla Root Store Policy (MRSP) is now saved in Mozilla's GitHub

unread,

Mozilla Root Store Policy MRSP 2.7.1 Update

All, Version 2.7.1 of the Mozilla Root Store Policy (MRSP) is now saved in Mozilla's GitHub

3/30/21

Ben Wilson, … Wanko Clemens48

3/30/21

Policy 2.7.1: MRSP Issue #192: Require information about auditor qualifications in the audit report

All, Here, for your review and comment, is the final version of the wiki page guidance on providing

unread,

Policy 2.7.1: MRSP Issue #192: Require information about auditor qualifications in the audit report

All, Here, for your review and comment, is the final version of the wiki page guidance on providing

3/30/21

3/30/21

Prioritization of Root CA Inclusion Requests

For future reference, this is now posted here: https://wiki.mozilla.org/CA/Prioritization. On Wed,

unread,

Prioritization of Root CA Inclusion Requests

For future reference, this is now posted here: https://wiki.mozilla.org/CA/Prioritization. On Wed,

3/30/21

3/30/21

Job/Job Posting: Chrome Root Program

[Posting in a Google hat] Several years ago [1], Kathleen opened a discussion about whether it would

unread,

Job/Job Posting: Chrome Root Program

[Posting in a Google hat] Several years ago [1], Kathleen opened a discussion about whether it would

3/30/21

Kathleen Wilson2

3/30/21

CCADB Update to Audit and Root Inclusion Cases March 25-29

All, The CCADB update has been completed, and the "UNDER CONSTRUCTION" notice will be

unread,

CCADB Update to Audit and Root Inclusion Cases March 25-29

All, The CCADB update has been completed, and the "UNDER CONSTRUCTION" notice will be

3/30/21

Kathleen Wilson, … Rob Stradling5

3/24/21

New intermediate certs and Audit Statements

On 3/24/21 5:32 AM, Rob Stradling wrote: > On 9th July 2019, Kathleen wrote: >> I propose

unread,

New intermediate certs and Audit Statements

On 3/24/21 5:32 AM, Rob Stradling wrote: > On 9th July 2019, Kathleen wrote: >> I propose

3/24/21

3/22/21

Public Discussion of Asseco's Root Inclusion Request

Dear All, This is to announce the beginning of the public discussion phase of the Mozilla root CA

unread,

Public Discussion of Asseco's Root Inclusion Request

Dear All, This is to announce the beginning of the public discussion phase of the Mozilla root CA

3/22/21

Ben Wilson, … Ryan Sleevi21

3/19/21

Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name verification to 398 days

Hi Doug, It means the same thing as in the BRs. I am processing this change on a parallel track with

unread,

Policy 2.7.1: MRSP Issue #206: Limit re-use of domain name verification to 398 days

Hi Doug, It means the same thing as in the BRs. I am processing this change on a parallel track with

3/19/21

Kathleen Wilson, … Kurt Roeckx76

3/16/21

Audit Reminder Email Summary

-------- Forwarded Message -------- Subject: Summary of March 2021 Audit Reminder Emails Date: Tue,

unread,

Audit Reminder Email Summary

-------- Forwarded Message -------- Subject: Summary of March 2021 Audit Reminder Emails Date: Tue,

3/16/21

[email protected], … Peter Bowen7

3/12/21

Clarification request: ECC subCAs under RSA Root

On Thu, Mar 11, 2021 at 12:01 AM pfuen...--- via dev-security-policy <dev-security-policy@lists.

unread,

Clarification request: ECC subCAs under RSA Root

On Thu, Mar 11, 2021 at 12:01 AM pfuen...--- via dev-security-policy <dev-security-policy@lists.

3/12/21

Ben Wilson, … Bruce16

3/11/21

Policy 2.7.1: MRSP Issue #153: Cradle-to-Grave Contiguous Audits

Bruce, The answer would be yes because we check the validity of the root CA certificate and other CA

unread,

Policy 2.7.1: MRSP Issue #153: Cradle-to-Grave Contiguous Audits

Bruce, The answer would be yes because we check the validity of the root CA certificate and other CA

3/11/21

Ben Wilson, Ryan Sleevi3

3/10/21

Synopsis of Proposed Changes to MRSP v. 2.7.1

Thanks, Ryan I'll work on incorporating your suggestions into the draft we're working on. Ben

unread,

Synopsis of Proposed Changes to MRSP v. 2.7.1

Thanks, Ryan I'll work on incorporating your suggestions into the draft we're working on. Ben

3/10/21

Ben Wilson, … Aaron Gable8

3/8/21

Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

All, We are going to postpone the resolution of this Issue #218 and the addition of language to

unread,

Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

All, We are going to postpone the resolution of this Issue #218 and the addition of language to

3/8/21

Ben Wilson, … Jeff Ward13

3/8/21

Policy 2.7.1: MRSP Issue #187: Require disclosure of incidents in Audit Reports

Kathleen and I edited the proposed language ( https://github.com/BenWilson-Mozilla/pkipolicy/commit/

unread,

Policy 2.7.1: MRSP Issue #187: Require disclosure of incidents in Audit Reports

Kathleen and I edited the proposed language ( https://github.com/BenWilson-Mozilla/pkipolicy/commit/

3/8/21

Kathleen Wilson, Ryan Sleevi23

3/2/21

Audit Reminders for Intermediate Certs

-------- Forwarded Message -------- Subject: Summary of March 2021 Outdated Audit Statements for

unread,

Audit Reminders for Intermediate Certs

-------- Forwarded Message -------- Subject: Summary of March 2021 Outdated Audit Statements for

3/2/21

2/27/21

Public Discussion for Inclusion of e-commerce monitoring's GLOBALTRUST 2020 Root

On February 4, 2021, the public discussion period [Step 4 of the Mozilla Root Store CA Application

unread,

Public Discussion for Inclusion of e-commerce monitoring's GLOBALTRUST 2020 Root

On February 4, 2021, the public discussion period [Step 4 of the Mozilla Root Store CA Application

2/27/21

Kathleen Wilson, … Aaron Gable14

2/26/21

CCADB Proposal: Add field called JSON Array of Partitioned CRLs Issued By This CA

On Fri, Feb 26, 2021 at 5:18 PM Ryan Sleevi <[email protected]> wrote: > I do believe it's

unread,

CCADB Proposal: Add field called JSON Array of Partitioned CRLs Issued By This CA

On Fri, Feb 26, 2021 at 5:18 PM Ryan Sleevi <[email protected]> wrote: > I do believe it's

2/26/21

Ace Care Center

2/25/21

The Ace Care Center Team has received your request [<AR698696>]

………………………………………………………….. Please do not reply to this email. ………………………………………………………….. Hello from the

unread,

The Ace Care Center Team has received your request [<AR698696>]

………………………………………………………….. Please do not reply to this email. ………………………………………………………….. Hello from the

2/25/21

SXIA, Ryan Sleevi2

2/18/21

Questions About DigiCert .onion Certificate SubjectPublicKey Hash

This is already tracked as https://github.com/cabforum/servercert/issues/190 and is waiting the

unread,

Questions About DigiCert .onion Certificate SubjectPublicKey Hash

This is already tracked as https://github.com/cabforum/servercert/issues/190 and is waiting the

2/18/21

Ben Wilson, Jeff Ward5

2/15/21

Policy 2.7.1: MRSP Issue #207: Require audit statements to provide information about which CA Locations were audited

The current proposed draft of changes is at https://github.com/BenWilson-Mozilla/pkipolicy/commit/

unread,

Policy 2.7.1: MRSP Issue #207: Require audit statements to provide information about which CA Locations were audited

The current proposed draft of changes is at https://github.com/BenWilson-Mozilla/pkipolicy/commit/

2/15/21

Ben Wilson, … Nick Lamb11

2/12/21

Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

On Thu, 11 Feb 2021 15:12:46 -0500 Ryan Sleevi via dev-security-policy <dev-security-policy@lists.

unread,

Public Discussion of GlobalSign's CA Inclusion Request for R46, E46, R45 and E45 Roots

On Thu, 11 Feb 2021 15:12:46 -0500 Ryan Sleevi via dev-security-policy <dev-security-policy@lists.

2/12/21

2/11/21

Policy 2.7.1: MRSP Issue #221: Wrong hyperlink for "Material Change" in MRSP Section 8

All, I am proposing for v. 2.7.1 a minor change that corrects a hyperlink issue in MRSP section 8.

unread,

Policy 2.7.1: MRSP Issue #221: Wrong hyperlink for "Material Change" in MRSP Section 8

All, I am proposing for v. 2.7.1 a minor change that corrects a hyperlink issue in MRSP section 8.

2/11/21

Ben Wilson, Kathleen Wilson2

2/10/21

Action on Camerfirma Root CAs

I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1692094 to turn off the Websites trust bit for

unread,

Action on Camerfirma Root CAs

I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1692094 to turn off the Websites trust bit for

2/10/21

Ben Wilson, … Jakob Bohm12

2/10/21

Policy 2.7.1: MRSP Issue #186: Requirement to Disclose Self-signed Certificates

In the Github document, which I'm using to track proposed language, I've added "This

unread,

Policy 2.7.1: MRSP Issue #186: Requirement to Disclose Self-signed Certificates

In the Github document, which I'm using to track proposed language, I've added "This

2/10/21

Andrew Ayer, … Wojtek Porczyk5

2/10/21

The CAA DNS Operator Exception Is Problematic

On Wed, Feb 10, 2021 at 02:21:53AM +0000, Nick Lamb via dev-security-policy wrote: > On Mon, 8 Feb

unread,

The CAA DNS Operator Exception Is Problematic

On Wed, Feb 10, 2021 at 02:21:53AM +0000, Nick Lamb via dev-security-policy wrote: > On Mon, 8 Feb

2/10/21

Burton, Ryan Sleevi8

1/28/21

Root Store Policy Suggestion

On Thu, Jan 28, 2021 at 7:33 PM Ryan Sleevi <[email protected]> wrote: > > > On Thu, Jan

unread,

Root Store Policy Suggestion

On Thu, Jan 28, 2021 at 7:33 PM Ryan Sleevi <[email protected]> wrote: > > > On Thu, Jan

1/28/21

Ben Wilson, … Watson Ladd10

1/27/21

Mozilla's Response to Camerfirma's Compliance Issues

On Monday, January 25, 2021 at 9:21:53 PM UTC-8, Ben Wilson wrote: > Dear All, > > We

unread,

Mozilla's Response to Camerfirma's Compliance Issues

On Monday, January 25, 2021 at 9:21:53 PM UTC-8, Ben Wilson wrote: > Dear All, > > We

1/27/21

Search

Clear search

Close search

Google apps

Main menu