On 18/05/17 23:40, Nick Lamb wrote:
> Mmmm. I believe only is acceptable to Mozilla, am I wrong
> here? Judging from self-assessment document, TrustCor's actual
> practices are all intended to be compliant (I will examine in
> more detail later) but the language here suggests it might be
> possible for applicants to successfully validate for DV by some other
> means not listed in, which (again unless I'm mistaken)
> Mozilla considers always to be mis-issuance.

As of 21st July 2017, yes :-) The language should be clear that only methods are allowed, and each documented method
should say which subsection of it is complying with.

dev-security-policy mailing list

Reply via email to