On 12/12/2008 09:39 PM, Frank Hecker:
Eddy Nigg wrote:
Considering that this is a root for EV certificates only (and I hope
this is indeed the case and no other certificates will be issued from
this root),
<snip>
Per comment #15 of bug 394419 and the CA hierarchy diagram submitted by
SECOM Trust and attached to the bug, Security Communication EV RootCA1
(the root at issue here) is being used only for EV SSL certificates. It
has a single subordinate CA, SECOM Passport for Web EV CA (also operated
by SECOM Trust), that is the actual issuing CA.
SECOM Trust has another root (Security Communication RootCA1, no "EV")
already in Mozilla, so they have no need to use this new root for non-EV
SSL certificates. Per comment #15, SECOM Trust may consider using the
new root for other purposes in the future, e.g., object signing
certificates. If they want to do that at some point then they will need
to submit a new request. The current request is to enable the new root
for SSL use only.
Note that I have in fact reviewed various sections of the CPS and CP,
using Google Translate. I didn't see anything in them that was
inconsistent with what I've written above.
Excellent!
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
