On 12/27/2008 05:10 PM, Michael Ströder:
Frank Hecker wrote:
(Plus the expense of a full WebTrust for
CAs audit is likely an order of magnitude higher than Certstar's
probable revenues.)
It's Comodo's business decision whether they delegate some tasks to an
external RA or not and whether the revenues are worth it. That's IMO out
of scope for Mozilla and its policy regarding trusted root CA certs.
Certainly! I don't think Frank implied that (if he would, I'd have some
suggestions to make ;-) ), but simply stated the fact that RAs are not
CAs and hence can't perform themselves a WebTrust for CAs audit. They
could be audited nevertheless by an audit firm to a different set of
criterion of course.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
