Hi Kathleen/Dev Security mailing lists. Please see the amended CP (4.8) and CPS 7.8) on the GlobalSign repository as highlighted in Kathleen's latest update below.
https://www.globalsign.com/repository/ The repository also contains the previous versions. I'll add this detail to the bug. Wishing you all a nice weekend. Steve > -----Original Message----- > From: dev-security-policy [mailto:dev-security-policy- > [email protected]] On Behalf Of > Kathleen Wilson > Sent: 09 September 2014 23:43 > To: [email protected] > Subject: Re: GlobalSign Request to Include ECC Roots > > On 8/21/14, 3:25 PM, Kathleen Wilson wrote: > > On 7/29/14, 3:26 PM, Kathleen Wilson wrote: > >> GlobalSign has applied to include the "GlobalSign ECC Root CA - R4" > >> and "GlobalSign ECC Root CA - R5" root certificates, and turn on all > >> three trust bits and enable EV treatment for both roots. > >> > > > > > > Thanks to those of you who have already contributed to this discussion. > > > > While we wait for GlobalSign to update their CPS... > > > > Does anyone else have comments/questions/concerns about this request? > > > > Kathleen > > > > > In this discussion it was pointed out that the CP/CPS did not say how GlobalSign > confirms that the certificate subscriber owns/controls the domain to be included in > EV certificates. > > > CPS section 3.2.2: "For all Certificates *other than Extended > > Validation*, the legal existence, legal name, legal form and requested > > address of the organization is verified using one of the following:" > > > So GlobalSign has updated their CP/CPS as described here: > https://bugzilla.mozilla.org/show_bug.cgi?id=825954#c13 > > While we are waiting for the updated CP/CPS to be posted on GlobalSign's > website... > > Does anyone have any further comments or questions about this root inclusion > request? > > If not, then after confirming that the updated CP/CPS are posted on their website, > I will close this discussion and recommend approval of this inclusion request in > the bug. > > Thanks, > Kathleen > > > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
