On Friday, 14 October 2016 02:21:36 UTC+1, Matt Palmer  wrote:
> Will there be any requirements around the qualification status of the logs,
> or could anyone who wanted to be "nice" just stand up a log, and have these
> CAs obtain precerts from them?

I don't think Mozilla has declared any specific requirements, but presumably 
they would expect to choose the same or similar criteria as Google's Chrome 
which you're already aware of but I'll link for anybody else


For the immediate purpose here (allowing broad oversight over what the new CA 
is issuing) some of these criteria are less important, e.g. the >99% uptime may 
be less important because oversight would be done via a monitor, but Mozilla 
intends to add SCT-checking to Firefox, at which point all the criteria will be 
dev-security-policy mailing list

Reply via email to