Certificate Transparency - Wotrus CT log server inclusion request
Reported by
liangdong46@gmail.com,
Sep 15 2017
|
|||||
Issue description1.Contact Information: - email: ctlog@wotrus.com; - phone number: +86-755-8600 8688 - Log Operator: Dong Liang, Jeff Tang 2.Log Server URL: https://ctlog.wotrus.com 3.Server public key: Attached file: wotrus_ctlog_key_public.pem -----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEe9de7LmmJcJERiLqoBniAD+XENbt mVNjeOhtaK/DF7s8jvp0why9powt4pKSkaZdWO/mjhGWIblq/k4D0gXoSg== -----END PUBLIC KEY----- 4.Description and policy: - Open acceptance policy: This log accepts all roots that are enabled for the server authentication trust purpose in one or more of the Microsoft, Mozilla and Apple root programs. We will update this log's list of accepted roots from time to time in accordance with this policy. - Free: There is no cost to CAs for having a root accepted by this log. There is also no cost for submitting certificates/precertificates to this log. There are no contracts to sign at present, but we reserve the right to require contracts in the future. - Rate limits: Submissions are rate-limited by IP address. Upon request, WoTrus will consider raising a submitter's rate limit, but WoTrus reserves the right to decline such requests (if WoTrus does not believe there is sufficient spare capacity) or to charge for this service in the future. - Reasonable Commercial Efforts: WoTrus expects to be able to accept submissions for newly issued certificates, but WoTrus asks that submitters refrain from submitting (to this log) large numbers of certificates that were not recently issued. WoTrus reserves the right to remove (temporarily or permanently) any root from this log's list of accepted roots, without prior notice, if WoTrus is unable to cope with the rate of submissions associated with that root. - Disclaimer: WoTrus's CT Log is provided "AS-IS". The log is an aggregate of information from WoTrus and third parties not under WoTrus's control and, therefore, WoTrus does not guarantee accuracy of information from third party sources or contributors. Further, WoTrus does not guarantee the performance or availability to any end users of the log, whether to certification authorities or other submitters or to any parties or individuals desiring to read the status or the content of the log. We reserve the right to update this log policy from time to time. 5.MMD: 24 hours 6.Accepted Roots: Attached file: wotrus_ctlog_trusted_roots.pem
,
Sep 15 2017
,
Oct 12 2017
,
Oct 12 2017
Apologies, didn't get the comment saved: What are the plans regarding naming? For example, if WoTrus rebrands itself, what plans are there for continuity of the log service? Is there a planned timescale in which GDCA plans to operate this log, at this URL? For example, is this something GDCA has made plans for only one year of operation, or multiple years? I ask in light of the discussion surrounding the temporal sharding at https://groups.google.com/a/chromium.org/d/msg/ct-policy/_eXIfMf7LQQ/rt9GG3orAwAJ , which provides for clear timelines for how long a log will operate until it's rotated or gracefully shut down.
,
Oct 16 2017
We very curious that how you can say we have any relationship with GDCA. We never contact them for any cooperation, but one former CA system engineer work in GDCA now, this is the unique clue. WoSign changed the name to WoTrus, so we need to use new domain for the new log server, if we don’t decide to continue our CA business, no need to change company name, and no need to invest the resource to setup a new CT log server that we have one in WoSign domain. We are preparing the PITRA audit and WebTrust audit now.
,
Oct 16 2017
Thank you for providing more feedback. Adding requester "rsleevi@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 16 2017
Apologies, that was a copy/paste error. Is there a planned timescale for WoTrust to operate this log? Is this something WoTrust has made plans for only one year of operation, or multiple years?
,
Oct 17 2017
No problem, Ryan. But first, our new name is WoTrus, not WoTrust. For your question, now this CT log server is planed for a long time operation without any stop plan.
,
Nov 20 2017
Hi, rsleevi@chromium.org, 2 months has passed after we post this inclusion request, so, should our log be go into compliance monitoring phase or refuse inclusion for some reason, please give us an more clear reply, thanks!
,
Nov 20
Issue has not been modified or commented on in the last 365 days, please re-open or file a new bug if this is still an issue. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by krajshree@chromium.org
, Sep 15 2017Labels: Needs-Milestone TE-NeedsTriageHelp