Nelson B Bolyard wrote: > I think we should be absolutely consistent with regard to this aspect of > the policy. If we decide, now, that we ARE willing to accept requests > from third parties, then I think we should go back to the recently > rejected requests (in bugzilla) and reopen them and reconsider them. > > Note that several requests have been sent to the members of the CABForum, > inviting them (begging them? :) to submit their new root CA requests to > mozilla (through bugzilla), and those requests for requests have been > largely ignored. Most of the CABForum CAs have not yet filed requests > for inclusion of their root CA certs in bugzilla. > > I mention this because it may come to pass that, in order for EV to be > perceived by users as working in Firefox, it will be necessary for > mozilla to consider adding certs for CAs that have NOT requested the > addition of their certs. So, I think we should be prepared for the > possibility that the requests simply will not have arrived by the time > FF3 is ready to ship.
I'd like to make some of you aware of the latest entry by Rick from Verisign of the bug 402947. Rick writes, that their EV audit is under way...meaning that Verisign hasn't finished the process of the first audit yet. This might give us an indication about why some/many of the potential issuers of EV certificates haven't yet requested to have their root(s) marked as such since auditing is still under way. The inclusion request by Verisign confirms the Mozilla CA policy and Mozilla's firm commitment to it. I'm very glad to see this happening now, which sets an example for all CAs with legacy roots in NSS. There will be no excuse by anybody, being it developer or CA not to undergo the formal process Mozilla requires. -- Regards Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org> Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]> Blog: Join the Revolution! <http://blog.startcom.org> Phone: +1.213.341.0390 _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
