On 09/05/17 18:25, Doug Beattie wrote:
> I'm not clear on what you mean by CAs must use only the 10 Blessed Methods by 
> 21st July 2017.  
> I'm assuming this is the latest official draft:
> https://github.com/mozilla/pkipolicy/blob/master/rootstore/policy.md

Yes :-)

> Specifically, does this mean all new domain validations must conform to the 
> 10 methods, 
> or that all new issuance 
> must be based on domains validated with only these 10 methods?

It means that all new validations must be done using one of the 10
methods. The rules for information reuse will, I hope, be clarified in
an upcoming ballot in the CAB Forum. Assuming that ballot doesn't say
anything ridiculous, Mozilla will allow reuse according to those rules.

dev-security-policy mailing list

Reply via email to