On Thursday, August 3, 2017 at 3:09:25 PM UTC-7, Kurt Roeckx wrote: > I would really like to see that they have at least opened a bug to > request the inclusion of that CA before it's cross-signed.
Here's StartCom's current root inclusion request: https://bugzilla.mozilla.org/show_bug.cgi?id=1381406 > It should > have already all the requirements that Mozilla has for including the > root CA certificate before it's cross signed. Correct. That should be true for all subCAs that are cross-signed by currently-included CAs. > > I would prefer that it's even included in the Mozilla root store > before it's cross signed, That might not be fair, given how long Mozilla's root inclusion process takes, and that we don't require this of other CAs who are new to our program. Kathleen _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
