On 31/07/2017 16:06, Gervase Markham wrote:
On 31/07/17 15:00, Jakob Bohm wrote:
It was previously stated in this newsgroup that non-SSLServer trust
would not be terminated, at least for now.
It was? Reference, please?
That was my general impression, I don't have a good way to search the
list for this. I was just trying to be helpful.
- Due to current Mozilla implementation bugs,
I am referring to the fact that EV-trust is currently assigned to roots,
not to SubCAs, at least as far as visible root store descriptions go.
Since I know of no standard way for a SubCA certificate to state if it
intended for EV certs or not, that would cause EV-trust to percolate
into SubCAs that were never intended for this purpose by the root CA.
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
dev-security-policy mailing list