Yes, I wanted to know if a regular user can use its Gmail account to get an s/mime cert but that can´t be issued because the CA can´t validate the domain properly because it´s not his or authorized to use it when doing the 3.2.2.4
Best regards Iñigo Barreira CEO StartCom CA Limited -----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+inigo=startcomca....@lists.mozilla.org] On Behalf Of Gervase Markham via dev-security-policy Sent: viernes, 19 de mayo de 2017 16:38 To: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: Policy 2.5 Proposal: Fix definition of constraints for id-kp-emailProtection On 19/05/17 15:16, Inigo Barreira wrote: > What about those for gmail, Hotmail, etc.? Are out of scope? I'm not sure what you mean. If Gmail wants a TCSC for @gmail.com, they can have one. They would presumably need to set the dirName to "" or null, because no dirName can cover all of their customers, as their customerd don't represent Google? Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy