In my opinion, the first consideration of any new CA inclusion and subsequent update requests for ca-certificates should come from a verifiable representative of the CA organization (outside of additions/updates that come from Mozilla).
The Mozilla CA process is well documented, and perhaps streamlining a similar process for Debian ca-certificates, modeled after Mozilla's, might be the way to go. -- Kind regards, Michael
signature.asc
Description: OpenPGP digital signature