On 6/7/16 9:47 AM, Kathleen Wilson wrote:
On Wednesday, April 20, 2016 at 1:01:18 PM UTC-7, Kathleen Wilson wrote:
This request by ISRG is to include the "ISRG Root X1" root certificate, and
turn on the Websites trust bit.
Internet Security Research Group (ISRG) offers server authentication
certificates to the general public around the world.
The request is documented in the following bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=1204656
And in the pending certificates list:
https://wiki.mozilla.org/CA:PendingCAs
Summary of Information Gathered and Verified:
https://bugzilla.mozilla.org/attachment.cgi?id=8727954
Noteworthy points:
* The primary documents are the CP and CPS, which are provided in English.
Document Repository: https://letsencrypt.org/repository/
CP: https://letsencrypt.org/documents/ISRG-CP-September-9-2015.pdf
CPS: https://letsencrypt.org/documents/ISRG-CPS-March-16-2016.pdf
Thank you to everyone who has reviewed and commented on this request from ISRG to include
the "ISRG Root X1" root certificate, and turn on the Websites trust bit.
There is an open request for ISRG to fix a few things in the next version of
their CP/CPS, but none of the items are show stoppers. And I believe that all
of the other questions have been resolved.
Therefore, I plan to close this discussion and recommend approval in the bug.
Thanks,
Kathleen
Thanks again to all of you who have continued to contribute to this
discussion. I appreciate all of the thorough reviews of this request.
There have been additional suggestions that this CA should take under
consideration in the next version of their CP/CPS. However, I have not
seen any questions/concerns that are show-stoppers for this request. It
appears that this CA is in compliance with the current BRs and Mozilla's
CA Certificate Policy.
Therefore, I intend to proceed with closing this discussion and
recommending approval in the bug.
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
