Dear Moo, I pray this some how gets to you, and I hope it makes makes sense to you. As you know I'm still Novice and I'll be leaving here a Novice. One thing I know for sure you have a lot of followers that are Novices also. I can only speak for me, so many things a way above my head, so I do a lot of reading till I at least get the hang of it, not enough to be able to help but enough to know where your heading, enough to know a few of your people who had spoke with forked tongues.
I'm now putting a work in for the other Novices. There a quite a few who want to help but a totally lost in the language of the development of Programs. I don't know if there is any way you and your teams can break the language down into laymen terms even if it's something simple that they can contribruite. As for me you know where I stand and it's not getting better, only worse. I want to thank you for everything I don't know what I would have done without you. As for that new Server I've been informed they don't forward my mail, and their bugging the heck out of me to place them as my home page. You know me I don't stick around long enough to give them an answer I sure hope you recieve this, it's been a while, but I lost every thing on mylast crash, including all my pictures. Well my friend I PRAY every thing works out for you and your great TEAMS my thoughts are always with you. Best Regards, Always *********************************************************************** C.J. Adams-Collier wrote: > As Eddy said, discussion of ammendments to the Policy are a bit off topic > for threads about certificate inclusion. > > 1) This policy does leave a loophole in regards to domain ownership. It > seems to me that the policy should make continued inclusion contingent on > continued domain ownership by the entity originally requesting inclusion. > > 1a) This loophole could be closed if domain (and thus, CA) ownership > transfer triggered a review of policy compliance or revoked inclusion > outright. > > 1b) Perhaps QA should add an automated "continued ownership verification" > step to its pre-release regression suite, if one does not already exist. > > 2) Since there is a period of public review before CA inclusion is > confirmed, it seems that the required documents should be required to be in > a format viewable by the public. > > 2a) I recommend that we advise applicants to review rfc2527 > > 2b) I do not consider ".doc" files generated by "Microsoft Office Word" to > fall into the category of "viewable by the public." This file format it is > proprietary, undocumented, and has historically varied when "open" document > readers are implemented. > > 2c) I recommend that we require that documents be presented in the current > "lingua franca," and that their content be encoded as utf8 > > 3) There is currently no definition of how recently an audit must have been > performed by a trusted third party, only that one must have been performed. > > 3a) I recommend that we place a reasonable limit on how recently an audit > must have been performed before accepting an application for certificate > inclusion. > > 3b) I recommend that CAs be required to provide proof of a successful audit > at reasonable intervals for continued inclusion. I leave it up to the list > to decide what "reasonable" means. For reference, W ashington State requires > that electrical licenses be renewed every two years. > > 3c) I recommend that if an application process exceeds a year prior to > approval, the applicant be required to provide proof of an additional > successful audit prior to the continuation of the approval process > > Thoughts? > > C.J. > _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
