Thanks for your detail info. No worry about this, all companies must be complied with local law.
But I really don't care who is my company's shareholder's shareholder's shareholder, you need to find out this by yourself if you care. If you think Mozilla must require this, please add to the Mozilla policy that require all CA disclose its nine generation including all subordinate companies and all parent companies. Best Regards, Richard -----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+richard=wosign....@lists.mozilla.org] On Behalf Of Nick Lamb Sent: Tuesday, September 20, 2016 9:06 AM To: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: Incidents involving the CA WoSign On Tuesday, 20 September 2016 01:25:59 UTC+1, Richard Wang wrote: > This case is WoSign problem, you found out all related subordinate companies > and all related parent companies that up to nine generations! I think this is > NOT the best practice in the modern law-respect society. It seems the governments of the European Union countries (including the UK where one of the mentioned companies is located) disagree with you about whether this is best practice. Identifying individual human persons behind a company is a key plank of their anti-money laundering and anti-tax evasion policies. To identify these human persons it is necessary to look through any number (even more than nine) of layers of corporate ownership. In the UK the legal term is Persons with Significant Control and PSC registration is mandatory since this summer, a company registered in the UK is obliged to figure out if there are such Persons and if so list them in its routine filings. Failing to properly investigate, or concealing the truth about control of the company is punishable by forfeiture, ie the state would seize the company's assets. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy