On 24/10/16 06:55, Samuel Pinder wrote: > There's some good questions there, actually. OEM SSL, does that mean > another CA would be doing the validation and issuing using their own > infrastructure and team, which you would be reselling via a > constrained intermediate?
I suspect he means that the other CA will do validation and issuance, and WoSign will be a sales channel. But Richard is welcome to clarify. Of course, if parts of WoSign's infrastructure are involved in the certificate issuance or validation process, those parts would become subject to the audits of the other CA. Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
