All,
It was previously suggested[1] that we align Mozilla's CA Certificate
Policy to RFC 3647, so CAs can compare their CP/CPS side-by-side with
Mozilla's policy, as well as the BRs and audit criteria (such as the
forthcoming ETSI 319 411 series).
I responded by postponing that work to a later policy update, because I
do not personally have time to make this change.
However, a group of people in the CA community have volunteered to do
this work for us, and believe they can get it done in about a month.
So, I would like to propose that we do this change (align to RFC 3647)
now, in version 2.3 of the policy update. Then all of the other changes
for version 2.3 will be made to the re-organized policy.
I look forward to your thoughtful and constructive feedback on this
proposal.
Kathleen
[1]https://groups.google.com/d/msg/mozilla.dev.security.policy/aLhB5flUos8/sYdDI64xGAAJ
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
