Frank Hecker wrote: > Korea Certification Authority Central (KCAC) of the Korean Information > Security Administration (KISA) has applied to add three root CA > certificates to the Mozilla root store, as documented in the following bug: > > https://bugzilla.mozilla.org/show_bug.cgi?id=335197 <snip> > I have evaluated their request, as per the mozilla.org CA certificate > policy: > > http://www.mozilla.org/projects/security/certs/policy/ > > and plan to approve this request in two weeks time. If you have any > objections, or know of facts which might influence this decision, please > make them known before then.
Just to provide an update on this, since the public comment period ended some time ago. As far as I can determine, the only remaining issue holding up approval of this request is confirming that the MIC audit of KISA was/is acceptable. My basic strategy to do that has been to get confirmation that the audit covered all the points addressed by the WebTrust for CAs criteria. See the bug for more info. Frank P.S. In looking into the general question of government-run CAs, I noted that Microsoft has special language in its CA policy relating to the audit question. I'm going to do a separate post about this, as it's worthy of discussion I think. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
