On 31/07/2017 16:06, Gervase Markham wrote:
On 31/07/17 15:00, Jakob Bohm wrote:
It was previously stated in this newsgroup that non-SSLServer trust
would not be terminated, at least for now.

It was? Reference, please?


That was my general impression, I don't have a good way to search the
list for this.  I was just trying to be helpful.

- Due to current Mozilla implementation bugs,

Reference, please?


I am referring to the fact that EV-trust is currently assigned to roots,
not to SubCAs, at least as far as visible root store descriptions go.

Since I know of no standard way for a SubCA certificate to state if it
intended for EV certs or not, that would cause EV-trust to percolate
into SubCAs that were never intended for this purpose by the root CA.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to