Erm, I must ask this. Are you proposing to manage Mozilla's CA approval process as though it were a CA itself?
I believe the entire concept of "Mozilla running a CA" has been soundly rejected, time and time again. Granted, the things that it does -- managing the audits, the approvals, and whatnot -- are in line with what any CA that operates under its approval process must do. I also must agree with you that Bugzilla doesn't have at least one of the main features necessary for a system like EV management: "ticklers" to remind when certain things are due (such as "receive a copy of annual audit report for this CA", where each CA is individually tickled/reminded). However, Mozilla has never wanted to "own" a CA key and go through the process of running a secure certification authority of its own. The concept of running the governance as though it were running such may run into some roadblocks. -Kyle H 2008/4/27 Eddy Nigg (StartCom Ltd.) <[EMAIL PROTECTED]>: > > > I view bugzilla absolutely time consuming, unhandy and inefficient for this > purpose. If I'd had to manage the StartCom CA with bugzilla I would be a > dead man by now... > > What I suggest doesn't even come close to bugzilla and the problem bugzilla > tries to solve, but managing the aspects of CA governance. It's like you are > asking me to produce a milk shake with a barbecue grill...(It might be > possible, but good luck then...this is about how our CA process looks about) > _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
