New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 614323 link

Starred by 4 users
Status: WontFix
Owner:
eranm@chromium.org
Closed: Oct 2016
Cc:
eranm@chromium.org
benl@chromium.org
certific...@googlegroups.com
asymmetric@chromium.org
rsleevi@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Izenpe CT log operator inclusion request

Reported by inigo.ba...@gmail.com, May 24 2016 
<b>Chrome Version       : <Copy from: 'about:version'></b>

Contact information:
- email: atecnica@izenpe.net
- Phone: +34-945067705
- contact persons: Iñigo Barreira and David Fernández


endpoint: ct.izenpe.eus 
Base64 Log ID:iUFEnHB0Lga5/JznsRa6ACSqNtWa9E8CBEBPAPfqhWY=
Operator: Izenpe
HTTPS supported: yes
Contact: atecnica@izenpe.eus
Maximum Merge Delay: 24 hours


Description: Currently, the only policy in place is that the certificate is chained to a publicly trusted root certificate. However, during the testing and log inclusion process, we are only including the Izenpe trusted root and the google one as authorized. Additional root entries will be evaluated after receiving an inclusion request. We will likely develop our policies further based on the results from the discussions in the Trans working group and our own internal policies.  Such policies may include an enforcement of BR and EV standards, a requirement for at least organizational vetting on the certificate, minimum key sizes and hash algorithms, and similar checks.


Attached is the PEM file with the list of CAs included and the public key

Regards
ca-cert_prod.pem
4.1 KB Download
izenpe_pub_key.pem
178 bytes Download

Comment 1 by rsleevi@chromium.org, May 24 2016

Cc: certific...@googlegroups.com eranm@chromium.org benl@chromium.org
Components: Internals>Network>CertTrans
Status: Untriaged (was: Unconfirmed)

Comment 2 by eranm@chromium.org, May 24 2016

Owner: eranm@chromium.org
Status: Assigned (was: Untriaged)

Comment 3 by eranm@chromium.org, May 25 2016 

I've started monitoring the log yesterday - Should no issues be detected, the initial compliance monitoring phase will be complete on August 22nd.

By the way, would you like to give the log an informal name? Right now I've got it down as "Izenpe 2nd log", but you can name it if you'd like :)

Comment 4 by yuhongba...@hotmail.com, May 27 2016 

I prefer "new Izenpe log", to distinguish it from the old one.

Comment 5 by kason...@gmail.com, Jun 7 2016 

Bugs caught
ca-cert_prod.pem
4.1 KB Download
izenpe_pub_key.pem
178 bytes Download

Comment 6 by inigo.ba...@gmail.com, Jun 7 2016 

Which bugs? can you explain a little bit more?

And about the name of the log, we prefer to call it "Izenpe Argi"

2016-06-07 9:02 GMT+02:00 kasonong@gmail.com via Monorail <
monorail@chromium.org>:

Comment 7 by shaybod...@gmail.com, Jun 20 2016

ca-cert_prod.pem
4.1 KB Download

Comment 8 by alcutter@google.com, Aug 25 2016 

Sorry to be the bearer of bad news, but as of the end of Argi's compliance monitoring period the observed availability of 93% is falling short of the required 99%.

Once you've figured out & addressed whatever's causing the issue please do feel free to stand up a new log (on a new URL & with a new key) and re-apply with a fresh bug.

Comment 9 by robpercival@chromium.org, Oct 21 2016

Status: WontFix (was: Assigned)

Sign in to add a comment