On Monday, April 6, 2015 at 1:53:26 PM UTC-4, Eugene wrote: > I have found four more CAs that are not compliant with this requirement: > 1. Entrust: http://www.entrust.net/about/practices.cfm, last updated on Mar > 4, 2014 > 2. Taiwan CA: > https://www.twca.com.tw/Portal/english/coporate_profile/Repository.html, last > updated on Jan 22, 2013 > 3. Trend Micro: > https://www.trendmicro.com/us/enterprise/cloud-solutions/deep-security/ssl-certificates/index.html#resources, > last updated on Feb 17, 2014 > 4. Gandi CA (signed by AddTrust): > http://www.gandi.net/static/docs/en/gandi-certification-practice-statement.pdf, > last updated on Feb 15, 2009 > > Does Mozilla want to remind these CAs to update their CP/CPS? Or is it fine > to relax this requirement?
Hi Eugene, Thanks for the heads up. We currently have the updated CPS under review and it we be published within the next week. Bruce. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
