On 10/11/16 19:52, Robin Alden wrote: > To avoid suggestions of weasel-words around the CA/B forum's struggle with > their IP policy my understanding is that at least Microsoft, and I hope > other browsers too, will incorporate the Ballot 169 wording into their > policy regardless of whether the CA/B has ratified it by then.
If Microsoft are going to do this, maybe it's a moot point, but my current feeling is that requiring CAs to implement exactly one of the methods from ballot 169, at a time when all methods are under a greater or smaller IPR uncertainty cloud, would put CAs who would need to make changes at risk of an unknowing IPR infringement. So our current plan is not to require this. However, comments on this viewpoint are welcomed. Our preference is that CAs who are not using "any other method" don't start using it, and CAs which are using it don't invent new "any other method" schemes between now and when they stop using "any other method" altogether. But this view is somewhat difficult to encode in policy. Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
