On Wednesday, 31 August 2016 19:32:43 UTC+1, Kathleen Wilson wrote: > Thanks to all of you who have provided thoughtful and constructive input into > this discussion. > > I have filed https://bugzilla.mozilla.org/show_bug.cgi?id=1299579 to request > that the "Hongkong Post e-Cert CA 1 - 10" intermediate cert be added to > OneCRL. See the bug for further details.
It may make sense to explicitly tell Hongkong Post that it must not do anything which would have the effect of subverting/ undoing this change. For example, if Hongkong Post wants to create a new certificate for the intermediate "Hongkong Post e-Cert CA 1 - 10" (perhaps now with constraints forbidding SSL Server certs) it should ensure Mozilla understands and agrees the contents of that new certificate as appropriate first. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy