On 5/28/2015 4:32 PM, Kathleen Wilson wrote: > On 5/6/15 11:58 AM, Kathleen Wilson wrote: >> On 4/23/15 4:21 PM, Kathleen Wilson wrote: >>> All, >>> >>> It has been brought to my attention that we do not have a documented >>> procedure or policy about how to transfer a root certificate from one CA >>> to another. >>> >>> Do we need to add expectations about root cert transfers to Mozilla's CA >>> Certificate Policy? >>> >>> I think, at the minimum, we should add information about our >>> expectations to one of our process wiki pages, or maybe this needs its >>> own wiki page? >>> >> >> Thanks to all of you who have contributed to this discussion so far. You >> have given me a lot to think about, so it will take me a bit longer to >> respond with a proposal. >> >> I am currently thinking that we should have a separate wiki page about >> this topic. The page should outline the different ways the ownership of >> a root certificate may change, and our expectations. >> >> Thanks, >> Kathleen >> > > > I have started the wiki page for this, and I will appreciate your > feedback on it. > > https://wiki.mozilla.org/CA:RootTransferPolicy > > Thanks, > Kathleen >
Does the line beginning "In all of these cases, the CA should take ..." apply only to Physical Relocation? If not, the section beginning with that line should have its own section header. It appears that some of the numbered items apply only to Physical Relocation while others also apply to Change in Legal Ownership. This appears implied by the statement under Personnel Changes. All of this is confusing. -- David E. Ross I am sticking with SeaMonkey 2.26.1 until saved passwords can be used when autocomplete=off. See <https://bugzilla.mozilla.org/show_bug.cgi?id=433238>. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
