On 20/10/16 15:05, Kathleen Wilson wrote: > You are receiving this email because our records indicate that there > are non-technically-constrained intermediate certificates that chain > up to your root certificates that are included in Mozilla’s program > that have not been entered into the CA Community in Salesforce. > Please complete this requirement by November 14, 2016.
I don't think we should set another deadline. We should remind them that the deadline was June, tell them to do it ASAP, and warn them that we could begin discussions about taking action at any time. > of Mozilla's CA Certificate Inclusion Policy, you are required to > provide public-facing documentation about the certificate > verification requirements and annual public attestation of > conformance to said requirements. There is an open question, raised by Peter Bowen in CAB Forum, of what to do about intermediate CAs which were created since the last audit. We should work out what to do about that, at least in the short term, before sending this message. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
