On 18/10/16 06:02, Peter Bowen wrote:
> I think making it clear which entries in certdata.txt have additional
> constraints would be very helpful. 

Here's a start:
https://wiki.mozilla.org/CA:Root_Store_Trust_Mods

I believe the ANSSI root has now been removed and so CNNIC is the only
one (leaving aside WoSign/StartCom) which should appear on the list. Am
I right?

Gerv

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to