On 12/06/2008 08:33 AM, Frank Hecker:
However if there are outstanding issues that in my opinion are relevant, then I'm going to postpone further consideration of the request. This will allow time to try to get the issues resolved, after which we can start a new public discussion period.
Besides the audit report (and the OCSP issue Rob mentioned) it's a little bit hard to review the CP/CSP of this CA ;-)
Considering that this is a root for EV certificates only (and I hope this is indeed the case and no other certificates will be issued from this root), I think that we can rely on the audit report solemnly, without being able to read the CP/CPS.
Are there any guaranties that this root will be used only for EV? Is this what the audit report(s) confirm? Are we able to review the audit report or is the non-disclosure clause acceptable? Besides that I still don't understand from where this comes from really...Frank, any suggestions?
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
