Re: Comodo request for EV-enabling 3 existing roots

Sat, 15 Mar 2008 13:28:44 -0700 

I have the following questions concerning the Comodo inclusion and 
upgrade requests. I'd be glad if the representative of Comodo could 
answer them directly.

1.) Is it possible to get a list of the currently active issuing 
intermediate CA certificates of each CA root *currently* for 
consideration? It would be interesting to know which of these issue EV, 
both or non-EV.

2.) The audit report for non-EV operations refers to the CA operation at 
Manchester. The audit report for EV refers to the CA operations at New 
Jersey. One of the roots is from a company operating in Sweden, one 
operating in Salt Lake City, Utah, USA and and one of Salford, GB. Can 
the relations between these locations and the general operation of 
Comodo and the audit reports be explained?

3.) Here a few questions in relation to the LiteSSL CPS:

    * 1.12 states: "Because LiteSSL and LiteSSL Wildcard certificates
      are not intended to be used in an e-commerce transaction or
      environment, parties who rely on a LiteSSL or LiteSSL Wildcard
      certificate do not qualify as a relying party." How can a relying
      party NOT be a relying party? This is also confirmed under section
      4.11.
    * 4.1 states that the enrollment process MAY include check for
      domain ownership. This means that the checks can be omitted?
    * 2.4.7 states that LiteSSL certificates are (maybe) domain name
      validated only, but also issues wild card certificates (2.4.1).
      How does Comodo prevent or control misuse of wild card
      certificates, specially in relation to phishing attempts?
    * Does Comodo believe that such wild card certificates are issued
      according to verification requirements for this special type of
      certificates?
    * 4.8 states a certificate validity of up to ten years and beyond. I
      couldn't find any provision in case the domain name expires.
      Please comment!
    * Does Comodo believe that this CPS is in compliance to the Mozilla
      CA policy
      (http://www.mozilla.org/projects/security/certs/policy/)? The same
      applies also to the Comodo CPS v3. Please comment!

Thanks for addressing my questions!


-- 
Regards 
 
Signer:         Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber:         [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog:   Join the Revolution! <http://blog.startcom.org>
Phone:          +1.213.341.0390
 

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to