[cabfpub] Proposal of a SHA-1 exception procedure

Dean Coclin Dean_Coclin at symantec.com
Mon Jun 27 15:33:58 MST 2016


Gerv,

Is it safe to say from your comments below that Mozilla is supportive of the 
Google proposal as currently written?

Dean

-----Original Message-----
From: Gervase Markham [mailto:gerv at mozilla.org]
Sent: Tuesday, June 21, 2016 8:39 AM
To: Ryan Sleevi <sleevi at google.com>; Dean Coclin <Dean_Coclin at symantec.com>
Cc: CABFPub <public at cabforum.org>
Subject: Re: [cabfpub] Proposal of a SHA-1 exception procedure

On 17/06/16 20:17, Ryan Sleevi wrote:
> For Google, the procedure we laid out is one that, so far, we think
> best represents the balance between the ecosystem participants. That
> includes the necessary disclosures and information so that we can
> gather information necessary to avoid such situations in the future,
> while having the necessary transparency for us effectively accepting,
> on behalf of the Internet trust ecosystem, the security risks.
>
> It's useful to know what Apple/Mozilla/Opera/Qihoo360 think, as well
> as any other root store program that may be presented with such audits.

Mozilla is generally supportive of the extent and depth of the questions 
outlined in Google's draft procedure. We don't see a problem with different 
root programs having different requirements as long as none of them are 
actively conflicting; the CAB Forum's role in this situation would be to 
produce the superset of all the requirements, so that applicants can provide 
all the information required by the different programs in one go.

Gerv