Hi Ryan, On 10/04/17 17:20, Ryan Sleevi wrote: > 1) You stated that this partner program applies to non-TLS certificates. > The audit for both STN and for the RAs fails to make this distinction. For > example, audits are listed related to the issuance of of TLS certificates.
The audits linked to from the wiki page relating to E-Sign and MSC TrustGate don't seem to have any mention of TLS certificates. Can you explain which audits you are referring to above that do mention them? > 2) What technical restrictions, if any, exist to ensure that RAs do not > issue TLS certificates? This is a good question. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy