I don't have a strong opinion but I think it's okay to emphasize that we expect the POC to update Mozilla about new POCs. Up to you, though.
On 11/4/13 4:19 PM, [email protected] wrote:
> Kathleen, > > Is it captured somewhere that the CA will provide Mozilla with updated > contact info if a new person becomes the point of contact for the CA? I > wasn't sure. > http://www.mozilla.org/projects/security/certs/policy/MaintenancePolicy.html "6. We require that all CAs whose certificates are distributed with our software products ensure that we have their current contact information." But do you think I also need to include it as a separate line item here? The POC will: - Provide annual audit statements - Respond to CA Communications - Make sure the CA’s rows in the included spreadsheet remain current (http://www.mozilla.org/projects/security/certs/included/) - Inform Mozilla when there is a change in the organization, ownership, CA policies, or in the POC that Mozilla should be aware of, as per items 4 through 7 of http://www.mozilla.org/projects/security/certs/policy/MaintenancePolicy.html *- Provide Mozilla with updated contact information if a new person becomes the POC.* Thanks, Kathleen _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy | ||
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
