On 19/5/2016 4:36 μμ, Rob Stradling wrote:
On 18/05/16 17:23, Dimitris Zacharopoulos wrote:
This intermediate seems technically constrained for SSL and S/MIME
certificates, which are the only type of certs under the current
Mozilla policy.
Dimitris, are we looking at the same version of the Mozilla policy?
I'm looking at this one:
https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/
Code Signing _is_ still mentioned.
According to the discussion from
https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/004uvRRnVyY/Ljo_vWJdCAAJ
policy version 2.3 will remove code signing references. Should we still
invest in this EKU in the Mozilla program? Should all CAs publish
information about codeSigning Intermediate CAs even when these will be
obsolete when policy 2.3 will be published? I was in favor of keeping
the code signing trust bit but it seems that this decision is final and
not up to further discussion.
Best regards,
Dimitris.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
