Ben, That is a good point, but I was more looking at ones where there link is readily available. For example:
https://www.quovadisglobal.nl/Bedrijfsinformatie/Accreditaties.aspx Right now one would have to go through many different possible reports to figure out which cover which Quovadis CAs. Thanks, Peter On Fri, Oct 21, 2016 at 9:33 AM, Ben Wilson <ben.wil...@digicert.com> wrote: > I think a one-click access to a PDF isn't available for some documents > stored in searchable databases. The only way to get to some documents is to > go to the database and conduct a search. > ________________________________ > From: Peter Bowen > Sent: 10/21/2016 10:08 AM > To: Kathleen Wilson > Cc: mozilla-dev-security-pol...@lists.mozilla.org > Subject: Re: Draft Email - Non-Disclosed SubCAs > > On Thu, Oct 20, 2016 at 1:09 PM, Kathleen Wilson <kwil...@mozilla.com> > wrote: >> You are receiving this email because our records indicate that there are >> non-technically-constrained intermediate certificates that chain up to your >> root certificates that are included in Mozilla’s program that have not been >> entered into the CA Community in Salesforce. Please complete this >> requirement by November 14, 2016. Soon after that date, Mozilla will begin >> discussions in the mozilla.dev.security.policy forum about action to take >> for any remaining non-disclosed non-technically-constrained intermediate >> certificates and the CAs who are responsible for those CA hierarchies. > > I think it would be good to clarify that "non-disclosed" includes > entries in the database that don't have valid information. For > example, the following entries are found in the Standard Audit field: > Available upon request > ETSI TS 102 042 (Available upon request) > Internal Audit > Revocation Pending, CA retired from use > > Additionally several entries are valid HTTP(S) URLs but either return > an error code when requested via GET or return a web page that does > not seem to be an audit report. > > Should the requirement be updated to state that each field should > contain a HTTP(S) URL for a PDF? > > Thanks, > Peter > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
