In this case, no any CA named as letsencrypt similar name, and no any CA want to impersonate, most CA program require the root CA have a unique friendly name in the CA program.
Best Regards, Richard -----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+richard=wosign....@lists.mozilla.org] On Behalf Of Tom Delmas Sent: Thursday, December 22, 2016 10:30 PM To: Gervase Markham <g...@mozilla.org> Cc: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: wosign and letsencrypt.cn / letsencrypt.com.cn Hi Gerv, > It's never come up. But I think we would be reluctant to intervene; Thank you for that answer. I understand it. > there are other mechanisms for sorting out such disputes, and it's not > our job to interpret or enforce trademark law or domain name dispute > resolution law. There are other mechanisms. But hard to use, especially between countries. As a Firefox user, I expect that CA trusted by Firefox are clearly identifiable and distinguishable from each others. We need CA to avoid website impersonation. In order to achieve that, I feel that "CA impersonation" must be avoided before all. And the logical way to do it in my opinion is in the Mozilla CA Certificate Policy. Tom _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
