David E. Ross wrote: > On 11/24/2007 11:52 PM, C.J. Adams-Collier wrote [in part]: > >> 2a) I recommend that we advise applicants to review rfc2527 >> > > RFC 2527 has been obsoleted by RFC 3647. > > The policy should also make clear that third-party certifications or > attestations must be available from that third party. While such > documents might be provided by the CA for information, it is necessary > that they be authenticated by being sent (hardcopy) directly by the > signator or viewed on the signator's Web site. In particular, secret or > confidential audits should not be acceptable. > David, secret or confidential audit statements are not accepted by Mozilla as far as I know.
-- Regards Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org> Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]> Blog: Join the Revolution! <http://blog.startcom.org> Phone: +1.213.341.0390 _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
