On 10/1/13 11:32 AM, Kathleen Wilson wrote:
The first discussion of the Atos Root Inclusion Request may be found here:
https://groups.google.com/d/msg/mozilla.dev.security.policy/zEfkTiu_Uqk/SkN1oUSykGcJ
To summarize:
Atos applied to include the “Atos TrustedRoot 2011” root certificate and
enable all three trust bits.
Thank you to those of you who have reviewed and commented on this request.
It was noted that the description of domain control validation in the
CPS does not meet the CAB Forum BRs. CPS section 9.5 states that Atos CA
conforms to the Baseline Requirements, but it has been Mozilla practice
to ensure that the CPS directly addresses how the CA verifies that the
certificate subscriber owns/controls the domain name to be included in
the certificate.
ACTION Atos: Update the CPS to clarify the steps taken to verify that
the domain name to be included in the certificate is owned/controlled by
the certificate subscriber.
Does anyone else have comments/suggestions about this request?
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
