On 02/06/17 17:24, Kurt Roeckx wrote: > On Fri, Jun 02, 2017 at 04:50:44PM +0100, Gervase Markham wrote: >> On 02/06/17 12:24, Kurt Roeckx wrote: >>> Should that be "all certificates" instead of "all SSL certificates"? >> >> No; the Baseline Requirements apply only to SSL certificates. > > Then I don't understand what you're trying to do. If the BR > already apply to all SSL certificates,
No. The Baseline Requirements state that they apply to _some_ SSL certificates. Exactly which ones is not clear because the BRs use language of intent. From section 1.1: "These Requirements only address Certificates intended to be used for authenticating servers accessible through the Internet." Mozilla does not believe the language of intent is useful, and wants to use language of capability to define scope. Therefore, we have our own scope statement for our policy, and now want to make it clear that there's no such thing as an SSL certificate which falls under the Mozilla policy but does not fall under the BRs, despite the differing and unclear scope statement in the BRs. Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
