In an earlier message I promised to create a "metapolicy" that would explain and clarify the philosophy behind the proposed CA certificate policy. Among other things, this will help guide me in creating the next version of the proposed policy, and some if not all of this material will also show up in the rationales section of the FAQ. (In the FAQ I'll probably just call this the philosophy behind the policy, after David Ross, but for now I can't resist the coolness factor of "metapolicy".)
(I apologize for the delay in sending this out; I caught sick and haven't been able to do much the past two or three days.)
More apologies -- I wasn't as recovered from my illness as I thought, and so I have not been able to give this any attention at all for the past few days. I'll try to do better now that I'm feeling better.
My general plan is as follows:
1. Make a few brief responses to points raised in this discussion (not every point, but I'll try to respond wherever I think a response is needed).
2. Do a quick rework of the metapolicy and repost that (probably as HTML, as I think it may be worth keeping this as a separate document).
3. Do a next revision of the policy and FAQ based on the revised metapolicy.
Frank
-- Frank Hecker hecker.org _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
