W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2015

Re: Fate of Secure Origins in Question?

From: Daniel Veditz <dveditz@mozilla.com>
Date: Mon, 6 Apr 2015 10:05:38 -0700
Message-ID: <CADYDTCAgffj9NqQGodLv=43dCn=ozEqZBZC0yKOdyf=p9WL7iA@mail.gmail.com>
To: Brad Hill <hillbrad@gmail.com>
Cc: noloader@gmail.com, "public-webappsec@w3.org" <public-webappsec@w3.org>
I echo Brad's suggestion to take this concern to Mozilla's security policy
group. Issuing unconstrained and un-audited sub-CA certs would violate
Mozilla's certificate policy (see section 8 of
The press release doesn't actually say such certs would be unconstrained
and GeoTrust should be well aware of these requirements, but it doesn't
hurt to follow-up and make sure.

-Dan Veditz
Received on Monday, 6 April 2015 17:06:07 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:48 UTC