On 2015-04-02 16:34, Phillip Hallam-Baker wrote:
Further no private key should ever be in a network accessible device unless the following apply:1) There is a path length constraint that limits issue to EE certs. 2) It is an end entity certificate.
Why 1)? Kurt _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
