"Non-Technically Constrained Subordinate CAs"
Kathleen, I wonder if some people might interpret that as "Subordinate
CAs that _are_ Constrained by Non-Technical means". This would
obviously exclude Subordinate CAs that are completely unconstrained
(both technically and non-technically).
So, for the sake of clarity, I suggest the title "Subordinate CAs that
are not Technically Constrained".
On 17/10/13 18:18, Kathleen Wilson wrote:
All,
I need to update
https://wiki.mozilla.org/CA:SubordinateCA_checklist
to reflect the current policy (technically constrain or disclose/audit).
I propose the following changes.
1) Remove the Terminology section. Given the current policy, the terms
"In-House", "Third-Party", "Private", "Public" do not matter anymore.
The only distinction we need to make now is between technically
constrained (according to Mozilla policy) or not.
2) In the introductory section clearly reference items #8, 9, and 10 of
http://www.mozilla.org/projects/security/certs/policy/InclusionPolicy.html
3) Remove the "Third-Party Private (or Enterprise) Subordinate CAs"
section.
4) Change the title of the "Third-Party Public Subordinate CAs" section
to "Non-Technically Constrained Subordinate CAs", and add a line item
for Baseline Requirements policy and audit.
Any comments or corrections before I proceed to make these changes?
Kathleen
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
Office Tel: +44.(0)1274.730505
Office Fax: +44.(0)1274.730909
www.comodo.com
COMODO CA Limited, Registered in England No. 04058690
Registered Office:
3rd Floor, 26 Office Village, Exchange Quay,
Trafford Road, Salford, Manchester M5 3EQ
This e-mail and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you have received this email in error please notify the
sender by replying to the e-mail containing this attachment. Replies to
this email may be monitored by COMODO for operational or business
reasons. Whilst every endeavour is taken to ensure that e-mails are free
from viruses, no liability can be accepted and the recipient is
requested to use their own virus checking software.
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
