Groups
Send feedback to Google
Help
Training
Sign in
Groups
dev-security-policy@mozilla.org
Conversations
About
dev-security-policy@mozilla.org
Contact owners and managers
1–30 of 264
Welcome to the dev-security-policy group in which we discuss security-related policies, governance, and related topics; including discussion of
Mozilla’s Root Store Policy
and the
NSS root certificate store
.
Mailing List:
dev-security-policy@mozilla.or
g
Web:
https://groups.google.com/a/mo
zilla.org/g/dev-security-polic
y
Subscribe by using the button "Ask to join group" and complete the box "Reason for joining".
Membership requests must provide context for your interest in joining the group. Requests without this information will be rejected.
Participation Guidelines:
https://www.mozilla.org/about/
governance/policies/participat
ion/
Participants:
https://wiki.mozilla.org/CA/Po
licy_Participants
Unsubscribe by sending email to:
dev-security-policy+unsubscrib
e@mozilla.org
Previous archives (2009-2021):
https://groups.google.com/g/mo
zilla.dev.security.policy
RSS feed:
https://www.mail-archive.com/d
ev-security-policy@mozilla.org
/maillist.xml
Mark all as read
Report group
0 selected
Tim Hollebeek
, …
Matt Palmer
29
Jul 26
Feasibility of a binding commitment to revoke before issuance
On Fri, Jul 26, 2024 at 10:13:31AM -0600, Ben Wilson wrote: > In addition to the ideas stated in
unread,
Feasibility of a binding commitment to revoke before issuance
On Fri, Jul 26, 2024 at 10:13:31AM -0600, Ben Wilson wrote: > In addition to the ideas stated in
Jul 26
Ben Wilson
, …
Claves Nostrum
77
Jul 25
Recent Entrust Compliance Incidents
How would that work from an auditing perspective? Given the minimally accepted period-under-audit for
unread,
Recent Entrust Compliance Incidents
How would that work from an auditing perspective? Given the minimally accepted period-under-audit for
Jul 25
Ben Wilson
Jul 24
Reminder: Mozilla's Community Participation Guidelines and Bugzilla Etiquette
Dear Community Members, As part of our ongoing commitment to fostering a respectful and productive
unread,
Reminder: Mozilla's Community Participation Guidelines and Bugzilla Etiquette
Dear Community Members, As part of our ongoing commitment to fostering a respectful and productive
Jul 24
Ben Wilson
2
Jul 16
Phasing out Legacy S/MIME Certificates
Greetings, I am writing to you as a reminder regarding future compliance of S/MIME certificates with
unread,
Phasing out Legacy S/MIME Certificates
Greetings, I am writing to you as a reminder regarding future compliance of S/MIME certificates with
Jul 16
Ben Wilson
, …
Mitsuyoshi Tamura
8
Jul 11
Intent to Approve Cybertrust / JCSI Japan Root Inclusions
Thanks for reconfirming. I should have noted in my initial post that these three roots are just for
unread,
Intent to Approve Cybertrust / JCSI Japan Root Inclusions
Thanks for reconfirming. I should have noted in my initial post that these three roots are just for
Jul 11
Ryan Hurst
Jul 8
Disclosure of Advisory Role with Entrust
Community, I wanted to inform you that I've taken on another advisory role, this time with
unread,
Disclosure of Advisory Role with Entrust
Community, I wanted to inform you that I've taken on another advisory role, this time with
Jul 8
Ben Wilson
, …
Hao-Chun Li
6
Jul 8
Approval of Taiwan CA's Root Inclusion Request
All, We appreciate the feedback and active participation from the community. After careful
unread,
Approval of Taiwan CA's Root Inclusion Request
All, We appreciate the feedback and active participation from the community. After careful
Jul 8
Ben Wilson
Jun 30
Draft "Lessons Learned" Wiki Page – Seeking Feedback
Dear Mozilla Community, I am pleased to announce the publication of a new resource aimed at enhancing
unread,
Draft "Lessons Learned" Wiki Page – Seeking Feedback
Dear Mozilla Community, I am pleased to announce the publication of a new resource aimed at enhancing
Jun 30
Mike Shaver
, …
Tyrel
9
Jun 27
Mozilla delayed revocation incident expectations
Mike, While the existence of the delayed revocation protocol might make delayed revocation seem more
unread,
Mozilla delayed revocation incident expectations
Mike, While the existence of the delayed revocation protocol might make delayed revocation seem more
Jun 27
Arabella Barks
, …
Alvin Wang
9
Jun 26
iPAddress certificate bypass DCV on port 80 or 443? Does it compliant BR?
Wang, Thank you for your clarification, and responsible attitude, Our community can be sure that
unread,
iPAddress certificate bypass DCV on port 80 or 443? Does it compliant BR?
Wang, Thank you for your clarification, and responsible attitude, Our community can be sure that
Jun 26
Ben Wilson
, …
Wayne
4
Jun 25
Proposal for a 24-hour pause in Entrust Discussion
Hi Wayne, Thank you for your question. I was thinking that the pause would apply to all emails under
unread,
Proposal for a 24-hour pause in Entrust Discussion
Hi Wayne, Thank you for your question. I was thinking that the pause would apply to all emails under
Jun 25
Watson Ladd
,
Aaron Gable
2
Jun 18
Fwd: Revocation necessity: subjective or objective
You were able to successfully post to pub...@ccadb.org: https://groups.google.com/a/ccadb.org/g/
unread,
Fwd: Revocation necessity: subjective or objective
You were able to successfully post to pub...@ccadb.org: https://groups.google.com/a/ccadb.org/g/
Jun 18
Aaron Gable
, …
Wayne
5
Jun 14
Handling of inconsistencies between BRs, CPs, and CPSes
On Friday, June 14, 2024 at 6:54:03 PM UTC+1 Aaron Gable wrote: On Fri, Jun 14, 2024 at 9:44 AM Wayne
unread,
Handling of inconsistencies between BRs, CPs, and CPSes
On Friday, June 14, 2024 at 6:54:03 PM UTC+1 Aaron Gable wrote: On Fri, Jun 14, 2024 at 9:44 AM Wayne
Jun 14
Ben Wilson
, …
e-commerce monitoring
19
Jun 14
Public Discussion of Acquisition of e-commerce monitoring GmbH by AUSTRIA CARD-Plastikkarten und Ausweissysteme GmbH
As you might know, browsers have decided to remove e-commerce monitoring GmbH (ECM) with its Root
unread,
Public Discussion of Acquisition of e-commerce monitoring GmbH by AUSTRIA CARD-Plastikkarten und Ausweissysteme GmbH
As you might know, browsers have decided to remove e-commerce monitoring GmbH (ECM) with its Root
Jun 14
Ben Wilson
, …
e-commerce monitoring
15
Jun 14
Distrust dates for GLOBALTRUST 2020 CA
As you might know, browsers have decided to remove e-commerce monitoring GmbH (ECM) with its Root
unread,
Distrust dates for GLOBALTRUST 2020 CA
As you might know, browsers have decided to remove e-commerce monitoring GmbH (ECM) with its Root
Jun 14
Mike Shaver
, …
Amir Omidi (aaomidi)
19
Jun 13
when do things really need to be revoked? who decides?
On Mon, Jun 10, 2024 at 11:06 AM Tyrel <tmcque...@gmail.com> wrote: Since it has come up in
unread,
when do things really need to be revoked? who decides?
On Mon, Jun 10, 2024 at 11:06 AM Tyrel <tmcque...@gmail.com> wrote: Since it has come up in
Jun 13
Ben Wilson
,
Tim Hollebeek
2
Jun 5
Help Improve the Mozilla Root Store Policy
This doesn't apply to the parts of Mozilla policy that aren't certificate policy, but to the
unread,
Help Improve the Mozilla Root Store Policy
This doesn't apply to the parts of Mozilla policy that aren't certificate policy, but to the
Jun 5
Wayne
, …
Yu Rollin
8
Jun 1
Mozilla Root Policy: ECC Curves and Signature Length (Mass Certificate Problem Report)
Agreed with Amir, if the public key of the issuer certificate is ECDSA P-384, then the signed
unread,
Mozilla Root Policy: ECC Curves and Signature Length (Mass Certificate Problem Report)
Agreed with Amir, if the public key of the issuer certificate is ECDSA P-384, then the signed
Jun 1
Amir Omidi (aaomidi)
, …
Wayne
7
May 30
Vulnurability Disclosure - How does it happen?
To bring this discussion back up what is the required impact for disclosure? To move the discussion
unread,
Vulnurability Disclosure - How does it happen?
To bring this discussion back up what is the required impact for disclosure? To move the discussion
May 30
Mike Shaver
May 22
subscriber certificate agility KYC for CAs
I wanted to elaborate on a piece of my last message, specifically around issuance of certificates for
unread,
subscriber certificate agility KYC for CAs
I wanted to elaborate on a piece of my last message, specifically around issuance of certificates for
May 22
Wayne
May 22
CA Incident Response and Delayed Revocation Correspondence
Given all of the discussion on delayed revocation the past few months I was thinking it would be
unread,
CA Incident Response and Delayed Revocation Correspondence
Given all of the discussion on delayed revocation the past few months I was thinking it would be
May 22
Mike Shaver
,
Ben Wilson
2
May 6
comment on Entrust_Issues wiki page
All, I hadn't announced this page yet, hoping to reference it in an email currently undergoing
unread,
comment on Entrust_Issues wiki page
All, I hadn't announced this page yet, hoping to reference it in an email currently undergoing
May 6
Felix Linker
,
Andrew Ayer
3
May 3
CT Log Inclusion check: get-entry-and-proof unexpectedly returns "Not found"
Thanks for the pointer, Andrew! Best, Felix On 3 May 2024, at 00:29, Andrew Ayer <agwa@andrewayer.
unread,
CT Log Inclusion check: get-entry-and-proof unexpectedly returns "Not found"
Thanks for the pointer, Andrew! Best, Felix On 3 May 2024, at 00:29, Andrew Ayer <agwa@andrewayer.
May 3
Mike Shaver
, …
Andrew Ayer
5
May 2
evaluation of aggregate behaviour for CAs
Oh, I feel dumb for not searching the old Google group, considering that I used to subscribe to it.
unread,
evaluation of aggregate behaviour for CAs
Oh, I feel dumb for not searching the old Google group, considering that I used to subscribe to it.
May 2
Wayne
,
Mike Shaver
3
Apr 27
CA Incident Transparency and Public Audits
Thanks, Wayne. I think this sort of analysis is quite valuable for constructing a reliable history of
unread,
CA Incident Transparency and Public Audits
Thanks, Wayne. I think this sort of analysis is quite valuable for constructing a reliable history of
Apr 27
Amir Omidi (aaomidi)
, …
David Adrian
4
Apr 22
Question about a random certificate I've found on CT
Thanks all! On Mon, Apr 22, 2024 at 7:05 AM 'David Adrian' via dev-security-policy@mozilla.
unread,
Question about a random certificate I've found on CT
Thanks all! On Mon, Apr 22, 2024 at 7:05 AM 'David Adrian' via dev-security-policy@mozilla.
Apr 22
Ben Wilson
Mar 25
Approval of Firmaprofesional CA Root-A Web
All, Public discussion regarding inclusion of the Firmaprofesional CA ROOT-A WEB began on the CCADB
unread,
Approval of Firmaprofesional CA Root-A Web
All, Public discussion regarding inclusion of the Firmaprofesional CA ROOT-A WEB began on the CCADB
Mar 25
Kathleen Wilson
, …
Marcel Levy
8
Mar 4
Retirement Announcement & Thank You!
Kathleen, Thank you for your work, and for creating a tool that's helped make the world a bit
unread,
Retirement Announcement & Thank You!
Kathleen, Thank you for your work, and for creating a tool that's helped make the world a bit
Mar 4
Suchan Seo
, …
Corey Bonnell
5
Feb 21
OCSP responde for serial number that exist but out of scope of OCSP reponder?
I agree with Aaron's assessment. In addition to the reasons from a compliance standpoint that
unread,
OCSP responde for serial number that exist but out of scope of OCSP reponder?
I agree with Aaron's assessment. In addition to the reasons from a compliance standpoint that
Feb 21
Kathleen Wilson
32
Feb 20
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of February 2024 Outdated Audit Statements for
unread,
Audit Reminder Email Summary - Intermediate Certificates
-------- Forwarded Message -------- Subject: Summary of February 2024 Outdated Audit Statements for
Feb 20
Search
Clear search
Close search
Google apps
Main menu