On 11/7/2007 8:26 AM, Frank Hecker wrote [in part]:
> I've received a request from the NSS development team that I approve 
> inclusion of the VeriSign EV root CA certificate in the new version of 
> NSS to be included in Firefox 3, so that developers and others may test 
> out the new EV-related functionality in NSS and Firefox 3 beta releases.

Will this be done only for testing purposes?  Or will the certificate be
included in an end-user release without further analysis?  Or will the
certificate be subjected to analysis per the final policy revision
before end-user release?

You have indicated that there is no intent to give VeriSign any
advantage over other CAs.  If the certificate is included in an end-user
release without further analysis, will other EV certificates also be
included with the same pre-policy analysis?

In the meantime, I second Nigg's concern that a bug report is required.
The same process as already used for other certificates should be
followed, including a review of the CA's audit and a two-week comment
period.  All this should be done before any end-user release.  However,
testing could be conducted in parallel on an installation from which the
certificate could be removed prior to end-user release if the formal
process is not yet completed.

-- 
David E. Ross
<http://www.rossde.com/>

Natural foods can be harmful:  Look at all the
people who die of natural causes.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto