That is the Starfield Services EV policy identifier, not the Starfield EV policy identifier. We clearly call out in section 1.1 of the our CPS that Starfield Services Root Certificate Authority - G2 is covered under the CPS.
On Thu, Mar 9, 2017 at 10:29 PM, Richard Wang <rich...@wosign.com> wrote: > Good demo, thanks. > > I checked that you are using Startfield EV OID in Startfield name root and in > Amazon name root, means you are using the transferred root's EV OID. But I > checked your CPS that don't state this point, please advise, thanks. > > > Best Regards, > > Richard > > -----Original Message----- > From: Peter Bowen [mailto:pzbo...@gmail.com] > Sent: Friday, March 10, 2017 2:16 PM > To: Richard Wang <rich...@wosign.com> > Cc: Ryan Sleevi <r...@sleevi.com>; Gervase Markham <g...@mozilla.org>; > mozilla-dev-security-pol...@lists.mozilla.org > Subject: Re: Google Trust Services roots > > On Wed, Mar 8, 2017 at 10:14 PM, Richard Wang <rich...@wosign.com> wrote: >> Why we setup one EV OID for all roots is that we use the same policy >> for all EV SSL certificate no matter it is issued by which root. The >> policy OID is unique ID >> >> If Google use the GlobalSign EV OID, and GlobalSign also use this EV OID, >> this means two companies use the same policy? >> >> It is better to do a test: Google issue a EV SSL certificate from this >> acquired root using the GlobalSign EV OID, then check every browser's UI >> display info, to check if that info will confuse the browser users. > > Richard, > > I'll make this easier: > > Go to https://good.sca1a.amazontrust.com/ and > https://good.sca0a.amazontrust.com/ in Safari and Microsoft IE/Edge. > Tell me which CA issued the certificates for those sites. (Note that we > don't send SCTs on those sites right now, so they aren't treated as EV in > Chrome, and we are still pending for EV in Mozilla) > > Thanks, > Peter _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
