I noticed in the open bug reports for adding new root certificates that several national certification authorities are actually acting as super CAs without complete accountability for the operations of their subsidiary CAs. Is the plan to eventually include the roots of the super CAs in the NSS database? Or will only the roots of the subsidiary CAs be included, after the usual Mozilla review process? How will this be decided?
See: <https://bugzilla.mozilla.org/show_bug.cgi?id=335197> <https://bugzilla.mozilla.org/show_bug.cgi?id=438825> <https://bugzilla.mozilla.org/show_bug.cgi?id=557167> -- David E. Ross <http://www.rossde.com/> On occasion, I filter and ignore all newsgroup messages posted through GoogleGroups via Google's G2/1.0 user agent because of spam, flames, and trolling from that source. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
